Unified Gateway Deployment Using Powershell

ukcsr · ‎03-25-2020

I am deploying UAG 3.9 using the powershell scripts supplied by VMware (as per Using PowerShell to Deploy VMware Unified Access Gateway ), but the scripts don't seem to work with v3.9 of the UAG. The DeploymentOption attribute in the OVA is no longer supported so the sections looking for onenic, twonic of threenic dont work. To get this to work I have modified the uagdeploy.ps1 script to avoid this deployment option. I changed these:

Remove line 201 $ovfOptions += " --deploymentOption=$deploymentOption"

Remove the switch statement in line 191 and just leave the three nic options

markbenson

chriskoch99 · ‎03-28-2020

I'm deploying UAG v3.9 in one NIC mode just fine with PowerShell. Are you using the correct version of the PowerShell scripts? You have to download them on the same page as the UAG .ovf file. The current version has some code changes compared to others.

ukcsr · ‎03-30-2020

Hi,

Thanks for your reply. Yes I've double checked the powershell script and OVA version are from the same location. Could you confirm the version of the OVA you have? The one I downloaded was released on 20th March so is very new, the filename I am using is euc-unified-access-gateway-3.9.0.0-15751318_OVF10.ova

The OVA is just reporting it doesnt support the "DeploymentOption" attribute. If I get some time I'll crack open the OVA and see

j_dubs · ‎04-09-2020

Hi,

We have this working in our environment. Using the same iso, and latest powershell deploy package.

We tend to pass in just about every config option we need in the .ini, so here is an example of our [General] section which handles all the network configs.

This should get you up and running in one-nic mode. Most of these are the defaults anyway.

[General]

source=D:\temp\uagdeploy\euc-unified-access-gateway-3.9.0.0-15751318_OVF10.ova

target=vi://<deploy target in vc>

ds=<ds in vc>

diskMode=eagerZeroedThick

netInternet=<your pg in vc>

netManagementNetwork=<same pg as above>

netBackendNetwork=<same pg as above>

ip0=x.x.x.x

defaultGateway=x.x.x.x

netmask0=255.255.255.0

ip0AllocationMode=STATICV4

name=<vcenter name>

deploymentOption=onenic

forceNetmask0=255.255.255.0

authenticationTimeout=300000

fipsEnabled=false

sysLogType=UDP

uagName=<uag hostname>

clockSkewTolerance=600

syslogAuditUrl=syslog://x.x.x.x:514

locale=en_US

tls12Enabled=true

ipMode=STATICV4

requestTimeoutMsec=10000

tls11Enabled=true

clientConnectionIdleTimeout=0

tls10Enabled=false

adminCertRolledBack=false

ntpServers=x.x.x.x y.y.y.y

honorCipherOrder=true

cookiesToBeCached=none

snmpEnabled=false

healthCheckUrl=/favicon.ico

quiesceMode=false

syslogUrl=syslog://x.x.x.x:514

dns=x.x.x.x y.y.y.y

isCiphersSetByUser=false

tlsPortSharingEnabled=true

ceipEnabled=false

bodyReceiveTimeoutMsec=15000

monitorInterval=60

cipherSuites=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA

adminPasswordExpirationDays=<# of days for admin password before expire>

httpConnectionTimeout=120

dnsSearch=omers.com

isTLS11SetByUser=false

sessionTimeout=36000000

ssl30Enabled=false

fallBackNtpServers=x.x.x.x