VMware Horizon Community
jayji831
Contributor
Contributor

changing default ports on UAG

I want to change the default port from 443 for Horizon login on UAG to 4443.

I did change the port 443 to 4443 on Horizon Connection Server already.

But UAG still listens to 443 port for Horizon login.

Any idea?

 

Reply
0 Kudos
6 Replies
mrkasius
Hot Shot
Hot Shot

Hi @jayji831 ,

You can change the port in the UAG Admin UI

  1. In the Configure Manually section of the UAG Admin UI, click Select.
  2. In the General Settings section, for Edge Service Settings, click Show.
  3. Click the Horizon Settings gearbox icon.
  4. Change the Connection Server URL to https://<ip address>:4443
Reply
0 Kudos
jayji831
Contributor
Contributor

Thank you for your reply.

I tried that already.

Connection server listens to 4443 as changed and it works when connecting to the connection server directly.

But UAG still works with 443 even though I changed it to 4443.

 

jayji831_0-1652686406917.png

 

 

Reply
0 Kudos
mrkasius
Hot Shot
Hot Shot

Did you also change the Blast External URL and Tunnel External URL to :4443?

Reply
0 Kudos
jayji831
Contributor
Contributor

No. Not yet. I have it as default.

But I think changing Blast ports doesn't have anything to do with it because I can't even access to horizon login prompt with port 4443 that I changed.

Reply
0 Kudos
Mickeybyte
Hot Shot
Hot Shot

I don't think you will be able to change that port for authentication. Not in a supported way I think.

Are you using NAT to forward incoming connections to the UAG? If so, you could do <externalIP:4443> <NAT-TO> <UAGIP:443>.

 


Regards,
Mickeybyte (ITPro blog)

If you found this comment useful or an answer to your question, please mark as 'Solved' and/or click the 'Kudos' button, please ask follow-up questions if you have any.
Reply
0 Kudos
shcho_korea
Contributor
Contributor

I appreciate Jay for researching this topic on behalf of me. 

Also, thanks for your thoughtful comments, guys. 

I even tried manipulating the basic listening port with reinstalling an UAG with an option like the following screenshot, which ended up with no luck.

1652922860.5206.png

I will conclude that this is not possible without any additional layer like NAT as Mickey mentioned. 

Reply
0 Kudos