UAG Portal not accessible from 'External'

  • Question

  • Hi All

    I've created a UAG server to serve Portal, FileAccess and RDS services in the first instance. I've set this up so there are both internal and external trunks. The Internal trunk works without issue while the External trunk only responds to requests from clients on the same VLAN it seems (which there aren't by default, I've used a static address on a laptop for testing).

    The strange thing is that TMG logs do not show any activity from anything outside of the External VLAN either. A previous post had a similar issue where IPSEC policy was to blame and this seems promising but I've not found the root cause as yet.

    Browsing to the website returns the standard 'Internet Explorer cannot display the webpage' .. the problem can be caused by a variety of issues...

    Any help/advice/suggestions appreciated thanks

     

    Thursday, April 7, 2011 11:12 AM

Answers

  • In that case, it sounds like there is a problem with your external NIC default gateway or your VLAN routing setup. From the UAG server itself, can you access a machine or network that is behind your external default gateway? 

    If you can access UAG on the external VLAN, this indicates UAG is functioning ok and you have basic layer 2 access. If you cannot access UAG outside of the VLAN you must have an issue getting from the client VLAN to UAG or UAG cannot return traffic from the external VLAN back to the client VLAN. Hence, these are layer 3 (routing) problems.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by Erez Benari Tuesday, May 10, 2011 12:16 AM
    Thursday, April 7, 2011 2:38 PM
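
The layer 2 versus layer 3 reasoning in the answer above can be checked offline with a small model of the server's route table. This is an added example, not part of the original thread; the NIC names, addresses (documentation ranges) and result labels are constructed assumptions.

```python
import ipaddress

def build_routes(nics, static_routes=()):
    """Route table as (network, nic, next_hop): one on-link route per NIC,
    a default route for each NIC with a gateway, plus any static routes."""
    routes = []
    for name, (cidr, gateway) in nics.items():
        routes.append((ipaddress.ip_interface(cidr).network, name, None))
        if gateway:
            routes.append((ipaddress.ip_network("0.0.0.0/0"), name, gateway))
    for prefix, name, next_hop in static_routes:
        routes.append((ipaddress.ip_network(prefix), name, next_hop))
    return routes

def reply_path(client, routes):
    """Longest-prefix match for the reply to `client`; None if no route."""
    addr = ipaddress.ip_address(client)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def diagnose(client, arrival_nic, nics, static_routes=()):
    """Classify how the server would return traffic to `client`."""
    route = reply_path(client, build_routes(nics, static_routes))
    if route is None:
        return "no-return-route"        # reply is dropped on the server
    _, nic, next_hop = route
    if nic != arrival_nic:
        return "asymmetric-return"      # reply leaves via another NIC
    if next_hop is None:
        return "on-link"                # same VLAN: layer 2 only
    subnet = ipaddress.ip_interface(nics[nic][0]).network
    if ipaddress.ip_address(next_hop) not in subnet:
        return "gateway-off-subnet"     # next hop cannot be reached
    return "routed-via-gateway"         # server side consistent; check upstream

# Constructed sample matching the layout described in the thread:
# gateway on the external NIC only, none on the internal NIC.
NICS = {
    "external": ("192.0.2.10/24", "192.0.2.1"),
    "internal": ("10.0.0.10/24", None),
}

if __name__ == "__main__":
    for client in ("192.0.2.50", "198.51.100.7"):
        print(client, diagnose(client, "external", NICS))
```

A result of `routed-via-gateway` for an off-VLAN client means the server's own configuration is consistent, which leaves the gateway and the inter-VLAN routing as the place to look.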

All replies

  • How are NICs configured?

    Do you have the default gateway on the external NIC?

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Thursday, April 7, 2011 1:03 PM
  • Hi JJ

    External has IP, Subnet Mask, Default Gateway, No DNS server entries, NetBIOS over TCP/IP disabled. Client for MS Networks and File and Printer not enabled.

    Internal has no default gateway, has DNS and the above items enabled.

    Internal is first in Binding Order list.

    Cheers

    Thursday, April 7, 2011 1:43 PM
  • Thanks JJ my thoughts exactly. Now if I can just convince those networking people of the same ... <sigh>.
    Monday, April 11, 2011 8:22 AM
  • Hello,

    I have been experiencing what appears to be an identical issue with our environment.

    I need to flesh out an explanation of the problem in more detail.

    I haven't been able to find any more information about the issue on the web.

    What I am struggling with in particular is that existing IIS servers on the same network as our UAG servers external interface do not experience the same problem.

    Any pointers would be gratefully received.

    Simon.

    Wednesday, January 18, 2012 1:05 PM