Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleTunnel with UAG...

Basic Install (1x UAG)

Source ComponentSource ServerSource IPDestination ComponentDestination ServerDestination IPProtocolPortDescription
Devices (from Internet & Wi-Fi)

AirWatch Tunnel Endpointtunnele.company.com#.#.#.#TCP8443For Tunnel PerAppVpn
Devices (from Internet & Wi-Fi)

AirWatch Tunnel Endpointtunnele.company.com#.#.#.#HTTPS2020For Tunnel Proxy (legacy) 
Devices (from Internet and Wi-Fi)

AirWatch Content Gateway Relaycontente.company.com#.#.#.#HTTPS443For Content Gateway
AirWatch Console ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Content Gateway contente.company.com#.#.#.#HTTPS443For Content Gateway
AirWatch Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Content Gateway contente.company.com#.#.#.#HTTPS443For Content Gateway
AirWatch Console ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Tunnel Front-Endtunnele.company.com#.#.#.#HTTPS2020For Proxy Test Connection from the Console
AirWatch Tunnel/CG tunnelendpoint.fqdn.com#.#.#.#AirWatch Cloud Messaging Serverawcm.awmdm.comAirWatch IP RangeHTTPS443 / 2001(on-prem)
AirWatch Tunnel/CGtunnelendpoint.fqdn.com#.#.#.#AirWatch REST API as.awmdm.comAirWatch IP RangeHTTPS443For general commands and for SEG Component
AirWatch Tunnel Endpointtunnelendpoint.fqdn.com#.#.#.#Internal Resources

variesvariesTunnel needs to be able to reach any desired destination you wish to give devices access to 
Browser (for admin access)

UAG servertunnelendpoint.fqdn.com#.#.#.#HTTPS9443For access to UAG administrative portal
AWCMAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)UAG servertunnelendpoint.fqdn.com#.#.#.#
11443For SEG Component
SEG API REST Client

UAG servertunnelendpoint.fqdn.com#.#.#.#
44444SEG REST API (UAG Management NIC Affinity)
(SEG 2-node Cluster)tunnelendpoint.fqdn.com#.#.#.#UAG servertunnelendpoint.fqdn.com#.#.#.#

TCP 5701
TCP 41232

Ports need to be open BOTH WAYS between nodes.
+Distributed Cache
+Commumnication between SEG in cluster

Both ports have internal NIC affinity.

Cascade Install (2x UAG)

Source ComponentSource ServerSource IPDestination ComponentDestination ServerDestination IPProtocolPortDescription
Devices (from Internet & Wi-Fi)

AirWatch Tunnel Front-Endtunnelr.company.com#.#.#.#TCP8443For PerAppVpn
Devices (from Internet and Wi-Fi)

AirWatch Content Gateway Relaycontentr.company.com#.#.#.#HTTPS443For Content Gateway
Devices (from Internet & Wi-Fi)

AirWatch Tunnel Front-Endtunnelr.company.com#.#.#.#HTTPS, TCP2020For Tunnel Proxy (Legacy)
AirWatch Console ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Tunnel Front-Endtunnelr.company.com#.#.#.#HTTPS2020For Proxy Test Connection from the Console 
AirWatch Console ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Content Gateway Relaycn.awmdm.com#.#.#.#HTTPS443
AirWatch Device Services ServerAirWatch Hosted (SaaS)AirWatch Hosted (SaaS)AirWatch Content Gateway Relaycn.awmdm.com#.#.#.#HTTPS443
AirWatch Tunnel Front-Endtunnelrelay.fqdn.com#.#.#.#AirWatch Tunnel Back-Endtunnele.company.com#.#.#.#HTTPS2010For Proxy (e.g. Airwatch Browser)
AirWatch Tunnel Front-Endtunnelrelay.fqdn.com#.#.#.#AirWatch Tunnel Back-Endtunnele.company.com#.#.#.#TCP8443For PerAppVpn
AirWatch Content Gateway Relaycgrelay.fqdn.com#.#.#.#AirWatch Content Gateway Endpointcontente.company.com#.#.#.#HTTPS443
AirWatch Tunnel Front-Endtunnelrelay.fqdn.com#.#.#.#AirWatch Cloud Messaging Serverawcm.awmdm.comAirWatch IP RangeHTTPS443 / 2001(on-prem)
AirWatch Tunnel/CG Front-Endtunnelrelay.fqdn.com#.#.#.#AirWatch REST API as.awmdm.comAirWatch IP RangeHTTPS443
AirWatch Tunnel/CG Back-Endtunnelendpoint.fqdn.com#.#.#.#AirWatch Cloud Messaging Serverawcm.awmdm.comAirWatch IP RangeHTTPS443 / 2001(on-prem)
AirWatch Tunnel/CG Back-Endtunnelendpoint.fqdn.com#.#.#.#AirWatch REST API as.awmdm.comAirWatch IP RangeHTTPS443
AirWatch Tunnel/CG Back-Endtunnelendpoint.fqdn.com#.#.#.#Internal Resources

variesvariesTunnel needs to be able to reach any desired destination you wish to give devices access to 
Browser (for admin access)

UAG Front-Endtunnelrelay.fqdn.com#.#.#.#HTTPS9443For access to UAG administrative portal
Browser (for admin access)

UAG  Back-Endtunnelendpoint.fqdn.com#.#.#.#HTTPS9443For access to UAG administrative portal

...