locked
UAG NLB + Internal Adapter Issue RRS feed

  • Question

  • Hello,

    First, a brief description of my two issues. Then a description of our environment.

    Issue #1 - NLB status between my two UAG nodes is always 'Unknown'.
    Issue #2 - When launching UAG Management Console on my Array Manager, I always receive the following error: "The IP address (192.168.10.2) previously configured on the adapter associated with the internal network was removed. A new IP address (10.200.0.53) was detected on an internal network adapter. Click Yes to specify that Forefront UAG use the new IP address. If you click No, UAG might not work as expected."

    Now, a description of our environment.

    Two UAG/TMG servers load balanced via Microsoft NLB. Both running Windows 2008 R2, TMG SP2, and UAG SP4. Adapter information is below. I won't bother listing off which have DNS servers, etc, but I followed the UAG best practice. The external IP is obviously fake, and is used for example purposes.

    UAG-SERVER-1

    Internal Adapter 1 - 10.60.10.164 (no gateway, only static route)
    Internal Adapter 2 - 10.200.0.53 (no gateway, only static route)
    Unassigned Adapter 1 - 192.168.10.2 (no gateway, no static route as the servers are directly connected. Used for NLB)
    External Adapter 1 - 4.4.4.3 - gateway set to 4.4.4.1


    UAG-SERVER-2

    Internal Adapter 1 - 10.60.10.165 (no gateway, only static route)
    Internal Adapter 2 - 10.200.0.54 (no gateway, only static route)
    Unassigned Adapter 1 - 192.168.10.3 (no gateway, used for NLB)
    External Adapter 1 - 4.4.4.4 - gateway set to 4.4.4.1


    Within TMG, under 'Firewall > Managed Server Computers' I have the 10.60.10.x addresses for each UAG server listed, as this is their primary internal interface. The 10.200.0.x IP addresses are for a secondary network that they require access to, so it is not listed here.

    Under 'System > Servers', I have both UAG servers listed. Under 'Remote Communication' for each server, their FQDN is selected. Under 'Intra-Array Communication', the IP address is set to the NLB address of 192.168.10.2 and 192.168.10.3 for each node, respectively.

    When launching UAG Management Console, the error from Issue #2 is displayed. I am forced to select 'Yes', at which point UAG displays this message: "The IP address associated with the internal adapter was updated to 10.200.0.53. On each array member, run the Array Management Wizard to change the array manager settings to the new address". However, I do not want this address to be the address used for 'Intra-Array Communication', nor for NLB.

    At that point, the 'Intra-Array Communication' IP addresses under the 'System > Communication' tab in TMG changes from the 192.168.10.x addresses to the 10.200.0.x addresses. It is my understanding that 'Intra-Array Communication' should be the NLB IP, as they should be communicating with each other via that IP. Is this not the case, should it be the IP address of one of the two internal adapters? I also assume this is leading to the NLB status of 'Unknown'.

    If anybody sees something that stands out, or has experience with this issue or a similar one, I would greatly appreciate some guidance.

    Thank you all very much in advance.


    Sunday, August 17, 2014 4:44 PM

All replies

  • Hi,

    First of all, UAG only supports the use of two network interfaces (External and Internal). UAG also does not support a third adapter for Intra-Array Communication. refer to the following link for more information:

    System requirements for Forefront UAG servers
    http://technet.microsoft.com/en-us/library/dd903051.aspx

    I don't know exactly what is changed, I need to see that myself. But you are using more than two network interfaces, so apparently something seems to have changed since you are prompted with issue #2. Keep in mind that there are some limitations ore procedures on IP Address changes. See the following link for more information:

    Troubleshooting IP address changes
    http://technet.microsoft.com/en-us/library/ff607458.aspx 

    I hope this information can help you solve your issues.

    Boudewijn


    Boudewijn Plomp, BPMi Infrastructure & Security | Please remember, if you see a post that helped you please click "Vote as Helpful" and if it answered your question, please click "Mark as Answer".

    • Proposed as answer by Boudewijn Plomp Wednesday, October 15, 2014 2:10 PM
    Friday, September 19, 2014 7:47 PM