locked
Installing UAG remotely RRS feed

  • Question

  • Hi all,

    When installing UAG, after the installation finishs has completed TMG will block RDP connections to the server until we add the IP addresses in TMG that will be able to access the server where UAG is installed remotly.

    My question is, is there a way to bypass this, so I could do the complete installation remotly without having to configre the IP address that will be able to access via RDP in the beginning?

    Tnx all,

    Zarko

     

    Thursday, January 20, 2011 9:03 AM

Answers

  • Hi Zarko,

    AFAIK, when TMG is installed remotely, it will automatically add the IPv4 address of the machine from which you are connecting when installing it, to the Remote Management Computers set. However, you need to make sure before installing UAG (which, of course, installs TMG) that the communications between your UAG/TMG server and the machine from which you are RDP-ing is over IPv4 and not IPv6.

     

    See http://technet.microsoft.com/en-us/library/cc487898.aspx :

    IPv6 Support and remote installation

    Forefront TMG does not support IPv6. If you install Forefront TMG by using a remote desktop connection from a computer that communicates over IPv6 (the default for Windows Vista), at the end of the installation, the connection to that computer will be closed by Forefront TMG, and the computer will not be added to the Remote Management Computers computer set. It is recommended that if you perform a remote installation of Forefront TMG, you do so over an IPv4 connection.

     

    Regards,


    -Ran
    • Marked as answer by ZarkoC Monday, January 24, 2011 2:17 PM
    Thursday, January 20, 2011 10:04 AM

All replies

  • Hi Zarko,

    AFAIK, when TMG is installed remotely, it will automatically add the IPv4 address of the machine from which you are connecting when installing it, to the Remote Management Computers set. However, you need to make sure before installing UAG (which, of course, installs TMG) that the communications between your UAG/TMG server and the machine from which you are RDP-ing is over IPv4 and not IPv6.

     

    See http://technet.microsoft.com/en-us/library/cc487898.aspx :

    IPv6 Support and remote installation

    Forefront TMG does not support IPv6. If you install Forefront TMG by using a remote desktop connection from a computer that communicates over IPv6 (the default for Windows Vista), at the end of the installation, the connection to that computer will be closed by Forefront TMG, and the computer will not be added to the Remote Management Computers computer set. It is recommended that if you perform a remote installation of Forefront TMG, you do so over an IPv4 connection.

     

    Regards,


    -Ran
    • Marked as answer by ZarkoC Monday, January 24, 2011 2:17 PM
    Thursday, January 20, 2011 10:04 AM
  • Hi Ran,

    That sounds logical, but Im affraid that didnt happen in my case, i had 3 installations of UAG on virtual machines, and every time I had to connect directly to the VM after installation of UAG, and add a excepiton for RDP. The connection was IPv4.

    Rgds

    Thursday, January 20, 2011 10:34 AM
  • Were you RDP'ing from behind a NAT device?

    I have seen TMG take the IP address from the RDP session which shows the RPD clients real IP adddress. However, when using RDP TMG will see you NAT'd address and consequently you will not be able to connect...had this a few times before with ISA/TMG.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Friday, January 21, 2011 12:09 AM
  • Noup, no NAT. I realy dont know why that is happening, thats why i wanted to ask, just to see if this iis by design or someting is wrong on my side.
    Friday, January 21, 2011 8:17 AM