Hi,
I'm planning on setting up a new architecture for VMware Horizon 7 VDI with UAG in the DMZ and a RADIUS-based 2FA solution. I would like to know more about the authentication in UAG instead of Connection Servers and RADIUS.
My understanding now is that the Connection Servers will not be part of the authentication process; only the UAG will communicate with the RADIUS server, which will accept or deny the request (by asking the AD itself). So in this case, the Connection Server will not communicate with the AD anymore and will only receive requests from the UAG once the user has been authenticated, right?
I believe this diagram could summarize the communication flow: