Reply to Message

View discussion in a popup

Replying to:
medvmwadm
Enthusiast
Enthusiast

If you plan on having connection brokers on your DMZ, why do you need UAGs? You can have both but it seems to defeat the purpose. You use connection servers on your LAN network and UAGs on your DMZ. You then configure your UAGs to route connections to your connection servers. Again yes you can but unless you have a specific use case as to why you wish to do that, i would highly advised against it. Lastly, you do not use connection servers in DMZ. Use security servers.

Just to clarify, I meant we would be deploying two UAGs in the DMZ and that is it there.  We would then have the two Connection Servers on the internal network.  So my question was, for the two UAGs in the DMZ, is it OK to use the HA feature of the UAG there (with its own VIP), and point external connections at that VIP and not have a 3rd party load balancer in the DMZ.  Then... we would put the load balancer just in front of the two Connection Servers on the internal network.  Basically then we would only be using the 3rd party load balancer in one place.

Thank you!

Reply
0 Kudos