Highlighted
Contributor
Contributor

UAG reverse proxy for VIDM

Hello,

I need help when configuring UAG reverse proxy for VIDM. I have a problem that I can not login in Indetity Manager with Windows users from the Internet, from local network everything works OK.

I have the following configuration:

  • VMware Identity Manager  3.2.0.0 Build 8016174:
    • IP: 10.10.11.171
    • FQDN: vidm-ls.domain.com
    • Certificate is wildcard signed by DigiCert
    • Appliance is joined to domain

  • Unified Access Gateway 3.2:
    • 2 NIC configuration
    • NIC 1 is for MGMT and backend network (IP: 10.10.11.170)
    • NIC 2 for public network (IP: 10.10.12.170 and create NAT to Public IP 91.10.10.10)
    • I have configured split DNS (internal DNS is idm.domain.com and is pingable from VIDM, public DNS is idm.domain.com and is pingable from internet)
    • Certificate is the same that on VIDM.
    • Reverse proxy setting are the following:

pastedImage_18.png

What do I have to set that we will work external access and Windows user login?

0 Kudos
5 Replies
Highlighted
VMware Employee
VMware Employee

How does your access policies look like on VMware Identity Manager?

0 Kudos
Highlighted
Contributor
Contributor

With system domain login works correctly but when I try login with AD domain user account the portal redirect me to local URL.

Login with system domain:

systemdomain.JPG

And try login with AD domain user account:

domenska prijava.JPG

For now is policies set to default setting:

Capture.JPG

0 Kudos
Highlighted
Enthusiast
Enthusiast

Hi!  Was just checking to see if you have this resolved?

0 Kudos
Highlighted
VMware Employee
VMware Employee

Looks like you are using legacy mode Authentication (users gets redirected to the connector). You need to use outbound only mode. You activate this by adding the seperate connector to the Built-in Identity Provider and then activate Password (Cloud Deployment). In you access policies you must aslo refer to this Password (Cloud Deployment) authentication method..

0 Kudos
Highlighted
Enthusiast
Enthusiast

Any example of this setup or guide how to do it ?

I am looking my setup and there is no obvious way to do this.

0 Kudos