Friday, March 16, 2012 3:19 PM
Just looking for a little guidance on UAG arrays using integrated NLB.
I have an existing install, using a single instance of UAG, and have been asked to create an array with a second box.
I can't quite get my head around how to configure the NLB settings. At the moment the existing install has a dedicated public ip on the external interface which connects direct to the big, bad interweb thingy. This ip is given by the isp. My question is, "Do I use this as the vip on both UAG boxes?" If so do I simply configure dip addresses, belonging to the same subnet, on the external interfaces of each UAG box?
Confused? I know I am or perhaps just a little too old for this game.
Friday, March 16, 2012 3:41 PM
Nope. You got it right.
The current IP-address becomes the VIP and you need two new addresses as the DIP for the servers 8on the same subnet).
To do this, add a second address (what becomss the DIP) to the first box, then install the second box and give it a unique DIP. Join it to the array and then in UAG admin configure the VIP in the NLB settings diaglogue.
Hth, Anders Janson Enfo Zipper
Friday, March 16, 2012 4:28 PMModerator
Is this array for DirectAccess or UAG portal?
For a two node NLB array, you will need at lease 3 public IP addresses; two DIPs and one VIP. If using DA, you will need at least four public IP addresses.
Changing the IP addresses of existing UAG installations is a bit of a support quandry as dicsussed here http://technet.microsoft.com/en-us/library/ee522953.aspx and here http://technet.microsoft.com/en-us/library/ff607458.aspx
I believe support for changing IP addresses on the internal side of UAG was added in an update as discussed here: http://technet.microsoft.com/en-us/library/gg315308.aspx
If you are talking about a DirectAccess setup, this is worth a read too: http://technet.microsoft.com/en-us/library/ee191502.aspx
Friday, March 16, 2012 4:53 PM
Thanks for the answer Jason.
Unfortunately I don't have 3 public ip addresses. I do have access to any amount of hubs and switches. Could I connect the external interfaces to the outside world via a switch, use the public ip as the vip and assign two private addresses to the interfaces and let the switch do its thing?
Friday, March 16, 2012 4:54 PM
Hopefully your answer is correct. I've replied to Jason also. Just to be on the safe side.
Monday, March 19, 2012 7:41 PM
This depends very much on whether you are using only UAG web portals, or if you are using DirectAccess.
If you are using DirectAccess, you NEED 4 public IP addresses. No other way to do it.
If you are using only a UAG web portal, you will need one VIP and two DIPs, but they could all be public or private IP addresses. If you don't have 3 publics, you can setup all 3 as private addresses and then you will have to rely on a router/firewall to NAT a real public into the private VIP.
- Marked As Answer by NeilCC1 Tuesday, April 03, 2012 2:39 PM