Objective : Publish a website using TMG on a UAG server.
Note: Following is a proof of concept(done in a lab scenario) not a solution and not supported on a UAG server.
1. We need to unbind the IP address from http ,that we will be using in the TMG.
We have 18.104.22.168,22.214.171.124,126.96.36.199 on the UAG server external NIC.
Bindings of the IP addresses with websites in IIS
188.8.131.52-portal(portal published through the UAG server).
127.0.0.1 used by UAG to access websites on the local IIS server.
184.108.40.206- to be used in TMG web publishing.
2. To unbind the one IP address i.e. 220.127.116.11 from http(so that it can be used in TMG) we need to follow a process. By default IIS on UAG server listen on all the IP addresses as shown below on ports 443 and 80
3. We will change this behavior by making IIS to listen on only few IP addresses and allow other IP addresses to be used by other services. Here we will make IIS to listen only on 18.104.22.168, 22.214.171.124 and 127.0.0.1. To achieve that we use follow commands
4. Using above command we will add 126.96.36.199 and 188.8.131.52 and after adding these two IP addresses we can see the ip addresses the IIS server currently listening on as follows
5. By following above method we ensured that 184.108.40.206 is freed by IIS so that we can use it on the TMG server for web publishing. Now we can check the netstat –ano output as follows
As we can see 220.127.116.11 is now listening on port 80 and process id is 3208 which is wspsrv.exe i.e TMG as shown below(I have already published the web site in TMG on 18.104.22.168 at port 80)
6. Then I tested my portal published through UAG and my website published through TMG and both worked fine. Both use port 80 but different IP addresses.
Conclusion for any website or portal to be published through UAG we need to add that website/portals external IP address in the IIS’s listening list as shown in fig below and method explained in this post.