Objective : Publish a website using TMG on a UAG server.
Note: Following is a proof of concept(done in a lab scenario) not a solution and not supported on a UAG server.
1. We need to unbind the IP address from http ,that we will be using in the TMG.
We have 22.214.171.124,126.96.36.199,188.8.131.52 on the UAG server external NIC.
Bindings of the IP addresses with websites in IIS
184.108.40.206-portal(portal published through the UAG server).
127.0.0.1 used by UAG to access websites on the local IIS server.
220.127.116.11- to be used in TMG web publishing.
2. To unbind the one IP address i.e. 18.104.22.168 from http(so that it can be used in TMG) we need to follow a process. By default IIS on UAG server listen on all the IP addresses as shown below on ports 443 and 80
3. We will change this behavior by making IIS to listen on only few IP addresses and allow other IP addresses to be used by other services. Here we will make IIS to listen only on 22.214.171.124, 126.96.36.199 and 127.0.0.1. To achieve that we use follow commands
4. Using above command we will add 188.8.131.52 and 184.108.40.206 and after adding these two IP addresses we can see the ip addresses the IIS server currently listening on as follows
5. By following above method we ensured that 220.127.116.11 is freed by IIS so that we can use it on the TMG server for web publishing. Now we can check the netstat –ano output as follows
As we can see 18.104.22.168 is now listening on port 80 and process id is 3208 which is wspsrv.exe i.e TMG as shown below(I have already published the web site in TMG on 22.214.171.124 at port 80)
6. Then I tested my portal published through UAG and my website published through TMG and both worked fine. Both use port 80 but different IP addresses.
Conclusion for any website or portal to be published through UAG we need to add that website/portals external IP address in the IIS’s listening list as shown in fig below and method explained in this post.