After generating a CSR request through an IIS server, I submitted the request to Comodo and received the SSL cert, intermediate and root certs. So long has you have a valid domain registered, Comodo will provide you a single SSL cert for free that's valid for 3 months. For my implementation I used a free SSL cert from Comodo. If you have a wild card cert in PFX format, hell yeah, you're in business. If you have a solid process available for creating publicly trusted certs for your domain, awesome possum, go with that. Further, you'll need a PFX version of it, including root chain and private key, that you'll later provide to the Content Gateway node creation wizard. Unlike a deployment of VMware Tunnel on UAG, you absolutely need a valid SSL certificate for a UAG appliance acting as a Content Gateway. Finally, you'll need a valid public SSL cert on the UAG appliance. The UAG appliance must have a DNS address that resolves to a an accessible IP address. The UAG appliance itself, in Basic mode, will need access to port 445 on whatever server your CIFS share is set up on. You're certainly going to need a UAG appliance that's externally accessible over port 443. For this post I leveraged a free eval Workspace One UEM instance at. So, you'll definitely need a Workspace One UEM (AirWatch) instance. Port 445 Open On CIFS Host From UAG Appliance.Port 443 Open To World On External Interface Of UAG Appliance.Publicly Trusted SSL Cert In PFX Format For UAG Appliance.Publicly Resolvable DNS Address On UAG Appliance.This admin repository is then accessed by remote users from within Content Locker, with UAG acting as a gateway between these external users and this admin repository sitting within the trusted network. Once that's successfully completed you can begin to configure access to the CIFS share through the creation of an admin repository. (Workspace One UEM is the artist formerly known as AirWatch.) Then you deploy UAG and configure it through the Content Gateway edge services settings. The first step is to configure a content gateway node from the Workspace One UEM Console. Configure Content Gateway Settings On Unified Access Gateway.Configure A Content Gateway Node On The Workspace One UEM (AirWatch) Console.Note: For more security minded folks there's a Relay-Endpoint deployment option involving 2 UAG appliances that's an option.
0 Comments
Leave a Reply. |