VMware Horizon Community
jrhaakenson
Enthusiast
Enthusiast
‎04-03-2020 10:10 AM
Jump to solution

UAG Gateway Unknown Not Registered in Horizon 7

I just installed a UAG 3.9 and am running Horizon Connection Server 7.12.  All my Horizon Settings are green in the UAG to include PCOIP, Tunnel, Blast, UDP Tunnel Server, and most importantly Horizon Destination Server.  It appears I'm all green with connectivity to my CS.  When I register my UAG in the Horizon CS Admin console under Servers->Gateways, it remains unknown.  The Version and IP Address are listed as N/A and it is unknown on the Dashboard.  It is listed as External in the Gateway section of the Horizon CS Admin console.  My UAG Name in the System Configuration Advanced Settings matches the name registered in the Horizon CS.  They are both the FQDN of the UAG Appliance.  Why won't it register as a Gateway with the Connection Server? 

1 Solution

Accepted Solutions
jrhaakenson
Enthusiast
Enthusiast
‎04-07-2020 09:10 AM
Jump to solution

I've got the solution.  I had to redeploy my UAG Appliance using the non-FIPS version in order for the UAG to be registered as a Gateway Server in the Connection Server.  My Connection Server was most likely deployed in a non-FIPS configuration as well.  At this time, I don't think I have a requirement to use the FIPS deployment so I should be fine.  Interesting enough, the non-FIPS version of UAG has all the manual configuration options available whereas the FIPS version had most of them grayed out.  It seems like the non-FIPS version has more capability and manual configuration options available.

I successfully connected to my UAG with the Horizon Client and it displayed all of my Connection Server Desktop Pools.  I initially had some certificate issues.  I'll need to get a trusted cert for my Connection Server and import it to the UAG as well, but the certificate issues can be ignored by accessing the settings menu in the Horizon Client while disconnected from a server.  Menu->Configure SSL...->Do not verify server identity certificates.  I then had one final issue when selecting a Desktop in the Horizon Client, where the connection was attempted but then closed with the error "The connection to the remote computer ended".  This was caused by an incorrect configuration in my UAG Horizon Settings where I initially had the PCOIP External URL configured as the Connection Server's IP:4172 rather than the UAG External IP:4172.  I also incorrectly had the Blast External URL and the Tunnel External URL incorrectly configured as the Connection Server's URL https:FQDN:443 rather than the UAG's URL https:FQDN:443.  So a good reminder is to configure the UAG's IP and URLs for PCOIP, Blast, and Tunnel.  I probably could have read the guides and help information a bit more closely.

But all in all, now that I'm familiar with it, it is pretty straight forward.

View solution in original post

14 Replies
a_p_
Leadership
Leadership
‎04-03-2020 11:03 AM
Jump to solution

They are both the FQDN of the UAG Appliance.

Try registering the hostname alone, i.e. not the FQDN.

André

sjesse
Leadership
Leadership
‎04-03-2020 11:08 AM
Jump to solution

You entered something wrong, either redeploy, or login to the appliance directly and look. Every time I've seen this the host name in the appliance doesn't match the host name your using.

0 Kudos
jrhaakenson
Enthusiast
Enthusiast
‎04-03-2020 11:15 AM
Jump to solution

I did.  It's currently just the host name, no domain attached in the UAG System Settings.  Unregistered and re-registered in the Connection Server.  Still unknown in the Connection server.  Still green across the board in Horizon Settings on the UAG.  My Horizon Destination Server will only connect to the Connection server if I add port 8443 on the end of the Connection Server URL.  Not sure if that has anything to do with it and that was never listed in any of the guides.  There is also no firewall between the UAG and CS.  Windows firewall on CS allows Any Any.  This is all local and a fairly simple setup.

0 Kudos
jrhaakenson
Enthusiast
Enthusiast
‎04-03-2020 11:17 AM
Jump to solution

I've checked the hostname in the appliance from the root prompt as well.  Simple 'hostname' command at the root prompt and it returns a matching name configured in the UAG System Configuration Web Console which also matches the name added as a Gateway in the Connection Server.

sjesse
Leadership
Leadership
‎04-03-2020 11:23 AM
Jump to solution

The connection server needs to be able to look up the UAG, is there dns for the UAG?

0 Kudos
jrhaakenson
Enthusiast
Enthusiast
‎04-03-2020 11:31 AM
Jump to solution

Yes it is properly configured in DNS.  Reachable by both hostname and FQDN from the Connection Server and all other clients on the domain.  The UAG can also reach the Connection Server by hostname using DNS.  I am using the UAG 3.9 FIPS deployment.  Would FIPS be causing the Gateway problem in the Connection Server I'm experiencing?

0 Kudos
ak4766
Contributor
Contributor
‎04-06-2020 06:10 PM
Jump to solution

FYI:

I've got a lab running on my laptop (yes, very slow but it's for a proof of concept) and I'm also having the same issue.  Mine however is intermittent - sometimes it connects other times not.  However, even in this unknown status as indicated in Horizon Administrator, I can still access my virtual apps and desktops so not blocking anything.  But I'd still like to know where to look to find the root cause.

Cheers.

0 Kudos
chrisdhalstead
VMware Employee
VMware Employee
‎04-07-2020 08:03 AM
Jump to solution

Check the UAG admin console and make sure that the system name matches what you have registered in the Connection Server.  It uses this and not the DNS name for the registration.

Chris Halstead
Senior Staff Architect, EUC Technical Marketing
chalstead@vmware.com
Twitter: @chrisdhalstead
jrhaakenson
Enthusiast
Enthusiast
‎04-07-2020 09:10 AM
Jump to solution

I've got the solution.  I had to redeploy my UAG Appliance using the non-FIPS version in order for the UAG to be registered as a Gateway Server in the Connection Server.  My Connection Server was most likely deployed in a non-FIPS configuration as well.  At this time, I don't think I have a requirement to use the FIPS deployment so I should be fine.  Interesting enough, the non-FIPS version of UAG has all the manual configuration options available whereas the FIPS version had most of them grayed out.  It seems like the non-FIPS version has more capability and manual configuration options available.

I successfully connected to my UAG with the Horizon Client and it displayed all of my Connection Server Desktop Pools.  I initially had some certificate issues.  I'll need to get a trusted cert for my Connection Server and import it to the UAG as well, but the certificate issues can be ignored by accessing the settings menu in the Horizon Client while disconnected from a server.  Menu->Configure SSL...->Do not verify server identity certificates.  I then had one final issue when selecting a Desktop in the Horizon Client, where the connection was attempted but then closed with the error "The connection to the remote computer ended".  This was caused by an incorrect configuration in my UAG Horizon Settings where I initially had the PCOIP External URL configured as the Connection Server's IP:4172 rather than the UAG External IP:4172.  I also incorrectly had the Blast External URL and the Tunnel External URL incorrectly configured as the Connection Server's URL https:FQDN:443 rather than the UAG's URL https:FQDN:443.  So a good reminder is to configure the UAG's IP and URLs for PCOIP, Blast, and Tunnel.  I probably could have read the guides and help information a bit more closely.

But all in all, now that I'm familiar with it, it is pretty straight forward.

BarryUWSEFS
Enthusiast
Enthusiast
‎04-07-2020 03:14 PM
Jump to solution

This happened to me and it was simple. I assumed you enter the DNS name in Horizon admin, but that did not work. In UAG advanced settings you give the UAG a "friendly" name, not the DNS name. Enter this friendly name in horizon administrator. That worked for me. It also may have mattered that I had a dash in the DNS name, but not the friendly name, not sure.

0 Kudos
BarryUWSEFS
Enthusiast
Enthusiast
‎04-07-2020 03:16 PM
Jump to solution

Credit to Carl Stalhood where I discovered this: https://www.carlstalhood.com/vmware-unified-access-gateway/

jollyrogerhook
Contributor
Contributor
‎05-07-2020 10:58 AM
Jump to solution

Just ran into this issue - and can confirm this corrected it for me. It had some autogenerated name from the PowerCLI deployment, but after adjusting it on the UAG admin console, it took a few seconds and was all good.

Thanks, Chris!

ak4766
Contributor
Contributor
‎05-13-2020 05:10 AM
Jump to solution

Thank you muchly, @BarryUWSEFS

This was indeed my issue.  I had entered the FQDN my users would go to access their apps as this is what the tool tip stated as shown below:

Type the FQDN used to which external clients will connect with the Horizon Client.

They need to change that tooltip otherwise system health will always show a 1 in there.

Cheers,

ak.

jbattini
Contributor
Contributor
‎06-08-2020 08:16 PM
Jump to solution

entering JUST the hostname for UAG and not FQDN in the CS Admin console

0 Kudos