Resources For IT Professionals

United States (English)

Россия (Pусский)中国（简体中文）Brasil (Português)

Post an article

Wikis - Page Details

First published by Rayne Wiselman [MSFT]
When: 21 Mar 2010 5:52 AM
Last revision by Carsten Siemens (Microsoft Partner)
When: 24 May 2013 1:18 PM
Revisions: 4
Comments: 3

Options

Subscribe to Article (RSS)

Can You Improve This Article?

Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.

Forefront UAG: About Trunks

Forefront UAG: About Trunks

Table of Contents

Provides:
Characteristics:
Deployment:
Operations:

Using Forefront UAG trunks you can publish corporate applications for access by a wide range of remote endpoint devices.

Provides:

A transfer channel via which you publish applications and resources.
Provides remote access to a single corporate Web application
Provides remote access to multiple corporate applications through a Web portal
Allows remote endpoint devices to access corporate resources in a secure and controlled manner

Characteristics:

Each trunk has a unique listener (IP address and port combination)
A trunk can only listen on standard HTTP and HTTPS ports
A trunk connects to backend servers published via the trunk using an HTTP or HTTPS connection
A trunk can receive requests from endpoint devices over HTTP or HTTPS
You can create a portal for a trunk (either using the default UAG portal page or a customized portal page)
You can publish multiple applications via a trunk. Endpoint devices type the host name of the trunk portal in a browser to connect.
You can use authorization to restrict access to portal applications to specific users and groups only)
You can publish a single Web application in a trunk. Endpoint devices type the application-specific host name to connect to the application.
In an array of UAG servers, all array members share the same trunks. For load balanced traffic, each trunk has a unique VIP. Traffic arriving at the trunk can be served by any array member.

Deployment:

To deploy a trunk you:

Create an HTTP or HTTPS trunk using the New Trunk Wizard. HTTPS trunks need a server certificate to authenticate the UAG server to clients connecting to the trunk.
You can publish a number of Web applications; non-Web applications; remote VPN access to the corporate network; remote access to internal file servers and shares via a trunk
You can control access to a trunk by:
- Authenticating clients for trunk access
- Verifying endpoint device health against UAG access controls or NAP policies
- Authorizing users and groups for access to specific portal applications
After creating a trunk with the wizard, you can configure trunk property pages including: IP addresses, public host name, session authentication requirements, anonymous access, session settings, logoff settings, access policies, traffic inspection

Operations:

Managing a trunk consists of:

Adding and removing applications from a trunk portal
Defining infrastructure servers used by the trunk - including certificates, NPS servers, and authentication servers
Tweaking trunk settings

More info

Understanding Forefront UAG architecture: http://technet.microsoft.com/en-us/library/ee690443.aspx
Publishing design guide: http://technet.microsoft.com/en-us/library/dd857279.aspx
Publishing deployment guide: http://technet.microsoft.com/en-us/library/ee406199.aspx

en-US, Forefront UAG, has comment, Has TOC, HTTP, HTTPS, publishing, trunks, UAG

| |

Comments

Ahmed Nabil Mahmoud

16 Mar 2012 3:15 AM

Good Introduction/Summary to Trunks Rayne