Objective: Publish a website using TMG on a UAG server.

Note: The following is a proof of concept (done in a lab scenario), not a solution, and it is not supported on a UAG server.

Steps taken

1. We need to unbind from HTTP the IP address that we will be using in TMG.

We have 39.1.1.4, 39.1.1.5 and 39.1.1.6 on the UAG server's external NIC.

Bindings of the IP addresses with websites in IIS:

39.1.1.4 - default website

39.1.1.6 - portal (portal published through the UAG server)

127.0.0.1 - used by UAG to access websites on the local IIS server

39.1.1.5 - to be used in TMG web publishing

2. To unbind one IP address, i.e. 39.1.1.5, from HTTP (so that it can be used in TMG) we need to follow a process. By default, IIS on the UAG server listens on all the IP addresses, as shown below, on ports 443 and 80.

               

3. We will change this behavior by making IIS listen on only a few IP addresses, which allows the other IP addresses to be used by other services. Here we will make IIS listen only on 39.1.1.4, 39.1.1.6 and 127.0.0.1. To achieve that, we use the following commands:

4. Using the above command we add 39.1.1.4 and 39.1.1.6. After adding these two IP addresses, we can see the IP addresses that the IIS server is currently listening on, as follows:

5. By following the above method we ensured that 39.1.1.5 is freed by IIS, so that we can use it on the TMG server for web publishing. Now we can check the netstat -ano output as follows:

As we can see, 39.1.1.5 is now listening on port 80 and the process ID is 3208, which is wspsrv.exe, i.e. TMG, as shown below (I have already published the website in TMG on 39.1.1.5 at port 80).

6. Then I tested my portal published through UAG and my website published through TMG, and both worked fine. Both use port 80 but different IP addresses.
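The procedure in steps 3 to 5, as an added example (not the author's original commands): it uses the standard netsh http iplisten commands with the lab addresses from this post, then parses netstat -ano to show which process owns each listener on ports 80 and 443 and to flag any wildcard listener. The variable names and the report layout are illustrative assumptions.

```powershell
# Added example, not from the original post. Run from an elevated prompt.
# IP addresses are the lab values from the post; variable names are illustrative.
$iisIps = @('39.1.1.4', '39.1.1.6', '127.0.0.1')   # addresses HTTP.sys (IIS/UAG) keeps
$tmgIp  = '39.1.1.5'                               # address left free for TMG
$ports  = @(80, 443)

# 1. Read the current HTTP.sys IP listen list (an empty list means "all addresses").
$current = @(netsh http show iplisten |
    Select-String -Pattern '\b\d{1,3}(\.\d{1,3}){3}\b' |
    ForEach-Object { $_.Matches[0].Value })

# 2. Add only the missing entries, so the script can be re-run safely.
foreach ($ip in $iisIps) {
    if ($current -notcontains $ip) {
        netsh http add iplisten ipaddress=$ip
    }
}
netsh http show iplisten
# HTTP.sys may only apply the new list after the HTTP service and its
# dependants are restarted.

# 3. Collect every TCP listener on ports 80/443 with its owning PID.
$listeners = netstat -ano | Select-String 'LISTENING' | ForEach-Object {
    $f   = $_.Line.Trim() -split '\s+'     # f[1] = local "ip:port", f[4] = PID
    $idx = $f[1].LastIndexOf(':')          # last colon also works for [::]:80
    New-Object PSObject -Property @{
        Ip       = $f[1].Substring(0, $idx)
        Port     = [int]$f[1].Substring($idx + 1)
        OwnerPid = [int]$f[4]
    }
} | Where-Object { $ports -contains $_.Port }

# 4. Report the owner of each listener and flag anything unexpected.
foreach ($l in $listeners) {
    $proc = (Get-Process -Id $l.OwnerPid -ErrorAction SilentlyContinue).ProcessName
    $note = ''
    if ($l.Ip -eq '0.0.0.0' -or $l.Ip -eq '[::]') {
        $note = 'WILDCARD: bound to every address'
    } elseif ($l.Ip -eq $tmgIp -and $proc -ne 'wspsrv') {
        $note = 'unexpected owner for the TMG address'
    }
    '{0,-15} {1,5} {2,6} {3,-12} {4}' -f $l.Ip, $l.Port, $l.OwnerPid, $proc, $note
}
```

A wildcard line for port 80 or 443 in the report means some service is still listening on every address, including the one reserved for TMG.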

 

Conclusion: for any website or portal to be published through UAG, we need to add that website's/portal's external IP address to IIS's listening list, as shown in the figure below and by the method explained in this post.