VMware Official Links for UAG 3.3
Release NotesSoftware Download
What's New in This Release
VMware Unified Access Gateway 3.3 provides the following new features and enhancements:
- Removed dependency on Network Protocol Profile (NPP) - It is no longer necessary to set up an NPP or an IP Pool to deploy Unified Access Gateway. Instead, the IPv4 netmask, IPv6 prefix, and default gateway are specified when Unified Access Gateway is deployed. This helps with improved vSphere deployment flexibility.
- Added support for mixed IPv4 and IPv6 clients - Unified Access Gateway supports more flexible options for IPv4 and IPv6 networking on each network interface card (NIC). IPv6 clients can now connect to IPv4 back-end infrastructure through Unified Access Gateway.
- Large virtual machine sizing option is added for Workspace One deployments.
- Support for device certificate-based authentication for Web Reverse Proxy edge service.
- Separate audit log file introduced for logging all admin-related activities for easy security audit.
- Upload of trusted SSL certificates of respective back-end servers is added for Horizon, Web Reverse Proxy, and Content Gateway edge services.
- CRL support for client certificate revocation check is added.
Known Issues
- If you use a self-signed certificate on Unified Access Gateway, you may not be able to access the Horizon desktop with Microsoft Edge Browser.
Workaround: Use a valid domain certificate and use port 443 for Blast external url. Do not use port 8443.
- Deployment of Unified Access gateway through HTML 5 UI of vSphere 6.7 fails. Use Flex UI instead to deploy Unified Access Gateway.
- The Enable Windows SSO setting can be used for Horizon RADIUS authentication in cases where the user enters their AD domain username and password for the RADIUS login username and passcode. This setting then allows Unified Access Gateway to skip the normal Windows password prompt which normally happens after successful RADIUS authentication.
If the Horizon Connection Server is configured with a pre-login disclaimer message, this feature does not work. If a pre-login message is configured on Connection Server then the user will be required to enter their domain password in the subsequent prompt.
Workaround: Configure Unified Access Gateway for pass-through authentication and configure RADIUS on the Connection Server. You can also configure a pre-login message on the Connection Server such as "Use the same user name and password for RADIUS and Windows authentication" setting.
Workaround: Use a valid domain certificate and use port 443 for Blast external url. Do not use port 8443.
If the Horizon Connection Server is configured with a pre-login disclaimer message, this feature does not work. If a pre-login message is configured on Connection Server then the user will be required to enter their domain password in the subsequent prompt.
Workaround: Configure Unified Access Gateway for pass-through authentication and configure RADIUS on the Connection Server. You can also configure a pre-login message on the Connection Server such as "Use the same user name and password for RADIUS and Windows authentication" setting.
Comments
Post a Comment