none
UAG Trunk within another trunk RRS feed

  • Question

  • Ok, heres the situation:

    First off, I'm a total UAG newb. I didn't even know this existed until last week.

    I have published a HTTPS trunk in my home lab with UAG. The lab connection has only a single IP. Currently I am running exchange 2010 with EAS/OA/ECP and autodiscover through this. In order to allow my winmo 6.1 device to access EAS, I have disabled component installation on this trunk, and am not running a portal site on it. However, after looking at the portal functionality, I would like to deploy this functionality as well.

    My thoughts on this are:

    1) If I could bypass the component installation and checking on the exchange applications, I would just use a new portal type application in this trunk. I would like to use host headers to route the traffic properly. IE: mail.domainname.com goes to the exchange applications, and portal.domainname.com goes to the portal.

    2) Since I have not been able to figure out how to accomplish item #1, I thought it would be just as easy to publish a trunk within the 1st trunk and publish a portal there. This has not worked well either.

    Any thoughts on how to accomplish this would be much appreciated.



    Update: I figured out on #2 that I can use the "application specific hostname" to route, but now am receiving "You are not authorized to access this application" and no login page as I had hoped I would get.
    Monday, August 15, 2011 7:10 PM

Answers

  • Hi xpingjockey2,

    normaly you shouldn't need to deaktivate the component installation on your trunk.

    When using the UAG wizards for publishing EAS, the created rules will have an option set, which allows the EAS clients to "bypass trunk authentication". This option will disable  "component installation", "device inspection" and "Forms authentication" for your EAS clients when accessing EAS releated ressources.

    So i would recommend you to recreate the entire Trunk and EAS rules from the scratch and start troubleshooting why the "bypass trunk authentication" option didn't work for you.

    BTW: Here is a good white paper which describes the steps needed to publish an Exchange server with UAG.

    http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=8946 

    -Kai

     

    • Proposed as answer by Kai Wilke Monday, August 22, 2011 12:02 PM
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:31 PM
    Tuesday, August 16, 2011 6:42 AM

All replies

  • Ok, so now I'm getting a 500 internal server error on portal.domainname.com. Any help?

    I've disabled all the character rules.

    This is what I see in the IIS logs:

    2011-08-15 22:48:48 W3SVC3 servername ipaddressinternal GET / - 443 - sourceipaddress HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+Media+Center+PC+6.0;+InfoPath.2;+.NET4.0C;+MS-RTC+LM+8) WhlPII=2;+;+NLSessionSportal=jvlIWsWUqUL50sI/yYzJEq5oRhLYY5O5CriN9n0Dcl4weif+7oMIrGdjrCnMBmGzgP1yUy/ScGwNi5WNEieckoWWTYqzoBb3YZ/76Y/Mj2gVTretnQP3Y0yCaFa81xDx - portal.domainname.com 500 0 13 57

    Monday, August 15, 2011 10:45 PM
  • Hi xpingjockey2,

    normaly you shouldn't need to deaktivate the component installation on your trunk.

    When using the UAG wizards for publishing EAS, the created rules will have an option set, which allows the EAS clients to "bypass trunk authentication". This option will disable  "component installation", "device inspection" and "Forms authentication" for your EAS clients when accessing EAS releated ressources.

    So i would recommend you to recreate the entire Trunk and EAS rules from the scratch and start troubleshooting why the "bypass trunk authentication" option didn't work for you.

    BTW: Here is a good white paper which describes the steps needed to publish an Exchange server with UAG.

    http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=8946 

    -Kai

     

    • Proposed as answer by Kai Wilke Monday, August 22, 2011 12:02 PM
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:31 PM
    Tuesday, August 16, 2011 6:42 AM