locked
Routing internal users through UAG RRS feed

  • Question

  • We have published SharePoint on the UAG and want all internal users to access SharePoint through the UAG, as if they were connecting from outside our network. This is working. The problem is that we are trying to publish Office Web Apps for SharePoint and it is not working internally or externally. We followed the TechNet article "Publishing Office Web Apps Server Using a Reverse Proxy Server." Is this a supported configuration (to route all internal traffic through UAG as if the connection was external to the network)? 
    Monday, January 13, 2014 4:06 PM

Answers

  • I don't know the specifics of your setup but as you started experiencing problems when you changed the DNS record, have you tried creating hosts file entries on SPS/OWA servers pointing to the internal address so that they do not access each other through UAG?

    Hth, Anders Janson Enfo Zipper

    • Marked as answer by Vader86 Wednesday, January 15, 2014 3:20 PM
    Wednesday, January 15, 2014 9:46 AM

All replies

  • to route all internal traffic through UAG as if the connection was external to the network

    It depends on what you mean with the above. It is not supported to use UAG as a forward proxy by using the underlying TMG's functionality. If your leaves the internal network through another proxy/firewall/egress then it is supported. I would ask myself why you do this but that is another discussion.

    If it doesn't work either internally (through internal namespace?) or externally then you have configuration issue.

    Review this article and see if you can resolve it.


    Hth, Anders Janson Enfo Zipper

    Tuesday, January 14, 2014 9:22 AM
  • Thanks for your reply. The underlying setup is the following and this should clarify things a bit:

    UAG is load balancing SharePoint farm.

    Internal DNS is the same as the Public DNS to access SharePoint. (For example sp.domain.com)

    At this point Office Web Apps works normally for both internal and external users.

    Since we want users to experience the same login steps, the following was done:

    A DNS record was created internally, so that sp.domain.com resolves to the public IP of the UAG. This way everyone is going through the UAG for access regardless if they are internal or external users. This is when we started having issues. It seems that there is a loop somewhere when office web apps tries to send the document back to SharePoint.


    • Edited by Vader86 Tuesday, January 14, 2014 10:31 AM
    Tuesday, January 14, 2014 10:28 AM
  • I don't know the specifics of your setup but as you started experiencing problems when you changed the DNS record, have you tried creating hosts file entries on SPS/OWA servers pointing to the internal address so that they do not access each other through UAG?

    Hth, Anders Janson Enfo Zipper

    • Marked as answer by Vader86 Wednesday, January 15, 2014 3:20 PM
    Wednesday, January 15, 2014 9:46 AM
  • After adding a host record on the office web apps server to point to the internal IPs of the SharePoint farm things were working. Thanks for that suggestion which ultimately resolved our issue. 
    Wednesday, January 15, 2014 3:22 PM