<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic UAG not redirecting external https traffic to connection server in VMware Horizon Discussions</title>
    <link>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2820909#M17277</link>
    <description>&lt;P&gt;Trying to replace Horizon Security server with UAG.&amp;nbsp; Everything works after test deployment, able to connect to VDI from external network.&amp;nbsp; The only thing that's not working is our external remote webpage.&amp;nbsp; &lt;A href="https://remote.domain.com" target="_blank" rel="noopener"&gt;https://remote.mydomain.com&lt;/A&gt;&lt;/P&gt;&lt;P&gt;In the current environment, external IP for "remote" is NAT to the Security server.&amp;nbsp;&lt;SPAN&gt;Internally, "remote" is routed to the Connection server.&amp;nbsp; My assumption is that the external traffic hits our firewall, then forward to Sec server, then pass to Connection server and back.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;Verified the firewall nor any internal security is blocking the traffic as everything works when external traffic is routed through Sec server, but if I NAT the traffic to UAG, &lt;A href="https://remote.mydomain.com" target="_blank" rel="noopener"&gt;https://remote.mydomain.com&lt;/A&gt;&amp;nbsp;comes up as site not reachable.&amp;nbsp;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Ran "curl &lt;A href="https://remote.mydomain.com&amp;quot;" target="_blank" rel="noopener"&gt;https://remote.mydomain.com"&lt;/A&gt;&amp;nbsp;command from the UAG console and receive the following message&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;curl: (60) SSL cert problem: unable to get local issuer certificate.&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Could this be the reason UAG is not passing the request to Connection Server?&amp;nbsp; If so, how can I fix this as we don't plan to use&amp;nbsp;&lt;/SPAN&gt;&lt;SPAN&gt;a SSL from trusted CA.&lt;/SPAN&gt;&lt;/P&gt;</description>
    <pubDate>Tue, 05 Jan 2021 19:50:06 GMT</pubDate>
    <dc:creator>EecITSupport</dc:creator>
    <dc:date>2021-01-05T19:50:06Z</dc:date>
    <item>
      <title>UAG not redirecting external https traffic to connection server</title>
      <link>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2820909#M17277</link>
      <description>&lt;P&gt;Trying to replace Horizon Security server with UAG.&amp;nbsp; Everything works after test deployment, able to connect to VDI from external network.&amp;nbsp; The only thing that's not working is our external remote webpage.&amp;nbsp; &lt;A href="https://remote.domain.com" target="_blank" rel="noopener"&gt;https://remote.mydomain.com&lt;/A&gt;&lt;/P&gt;&lt;P&gt;In the current environment, external IP for "remote" is NAT to the Security server.&amp;nbsp;&lt;SPAN&gt;Internally, "remote" is routed to the Connection server.&amp;nbsp; My assumption is that the external traffic hits our firewall, then forward to Sec server, then pass to Connection server and back.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;Verified the firewall nor any internal security is blocking the traffic as everything works when external traffic is routed through Sec server, but if I NAT the traffic to UAG, &lt;A href="https://remote.mydomain.com" target="_blank" rel="noopener"&gt;https://remote.mydomain.com&lt;/A&gt;&amp;nbsp;comes up as site not reachable.&amp;nbsp;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Ran "curl &lt;A href="https://remote.mydomain.com&amp;quot;" target="_blank" rel="noopener"&gt;https://remote.mydomain.com"&lt;/A&gt;&amp;nbsp;command from the UAG console and receive the following message&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;curl: (60) SSL cert problem: unable to get local issuer certificate.&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it.&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Could this be the reason UAG is not passing the request to Connection Server?&amp;nbsp; If so, how can I fix this as we don't plan to use&amp;nbsp;&lt;/SPAN&gt;&lt;SPAN&gt;a SSL from trusted CA.&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 05 Jan 2021 19:50:06 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2820909#M17277</guid>
      <dc:creator>EecITSupport</dc:creator>
      <dc:date>2021-01-05T19:50:06Z</dc:date>
    </item>
    <item>
      <title>Re: UAG not redirecting external https traffic to connection server</title>
      <link>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2855749#M17309</link>
      <description>&lt;P&gt;Ciao&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;SPAN class="VIiyi"&gt;&lt;SPAN class="JLqJ4b ChMk0b"&gt;&lt;SPAN&gt;In the UAG configurations in general settings, are the settings of the horizon server all green?&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="fabio1975_0-1625406000124.png" style="width: 999px;"&gt;&lt;img src="https://communities.vmware.com/t5/image/serverpage/image-id/89862i18CBCA6A59CEEC25/image-size/large/is-moderation-mode/true?v=v2&amp;amp;px=999" role="button" title="fabio1975_0-1625406000124.png" alt="fabio1975_0-1625406000124.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;On the settings, when you need to insert the Connection Server URL,&amp;nbsp;w&lt;SPAN class="VIiyi"&gt;&lt;SPAN class="JLqJ4b ChMk0b"&gt;&lt;SPAN&gt;hich certificate did you insert the thumbprint into the configuration?&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="fabio1975_1-1625406211755.png" style="width: 999px;"&gt;&lt;img src="https://communities.vmware.com/t5/image/serverpage/image-id/89863i93E0BA7EF46276F0/image-size/large/is-moderation-mode/true?v=v2&amp;amp;px=999" role="button" title="fabio1975_1-1625406211755.png" alt="fabio1975_1-1625406211755.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Sun, 04 Jul 2021 13:44:53 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2855749#M17309</guid>
      <dc:creator>fabio1975</dc:creator>
      <dc:date>2021-07-04T13:44:53Z</dc:date>
    </item>
    <item>
      <title>Re: UAG not redirecting external https traffic to connection server</title>
      <link>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2855754#M17310</link>
      <description>&lt;P&gt;Curl command is the correct test done to check the cause of failure.&lt;/P&gt;&lt;P&gt;You need to make sure the Destination Connection server under Edge setting Green. In case if it is not, it could be due to UAG unable to reach the Connection server via FQDN or IP or the SSL thumbprint may be incorrect.&lt;BR /&gt;&lt;BR /&gt;Sometime there is a space in front of the thumbprint which case copied while copying the thumbprint and it is hidden. Use the Delete/Space key to delete any hidden character infront of the thumbprint.&lt;/P&gt;</description>
      <pubDate>Sun, 04 Jul 2021 18:58:50 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/VMware-Horizon-Discussions/UAG-not-redirecting-external-https-traffic-to-connection-server/m-p/2855754#M17310</guid>
      <dc:creator>SurajRoy</dc:creator>
      <dc:date>2021-07-04T18:58:50Z</dc:date>
    </item>
  </channel>
</rss>

