Configuring trunk settings

Updated: February 1, 2011

Applies To: Unified Access Gateway

After setting up a Forefront Unified Access Gateway (UAG) portal using the Create Trunk Wizard, you can configure additional portal trunk settings, as described in this topic.

To configure portal settings

1. In the Forefront UAG Management console, click the portal trunk.

2. On the main page of the trunk properties, specify the public host name of the trunk, IP addresses and ports. For help with specific user interface settings, see Trunk properties help.

3. On the General properties page, configure connection settings, external Web site properties, and the server certificate. For help with specific user interface settings, see General tab.

4. On the Authentication tab, specify how clients authenticate when establishing a trunk session. In addition, configure how clients can add credentials, and change passwords on the portal home page of the trunk. For help with specific user interface settings, see Authentication tab.

5. On the Sessions tab, configure settings that are applied to endpoint sessions for the trunk. For help with specific user interface settings, see Session tab.

6. On the Endpoint Access Settings tab, specify the access policies with which clients must comply to gain access to a trunk session. For help with specific user interface settings, see Endpoint Access Settings tab.

   Note

   If you change the default value in Maximum concurrent session, you must manually restart IIS on the Forefront UAG server after activating the setting in Forefront UAG.

7. On the Application Customization tab, select whether to use the default application customization template supplied by Forefront UAG, and configure global content-type and URL extension lists. For help with specific user interface settings, see Application Customization tab.

8. On the Portal tab, do the following:

   1. Define a list of URLS on which you do not want to run the content-type parser, in either the body of the request, the response, or both (for example, on pages that contain no links or pages, where all the links are relative path URLs, or where there is no need for link replacement because the server name does not appear in the URL). You can configure this per application server or per application type.

   2. Define a list of URLs on which you want to run a search and replace parser on the body of the response. The search and replace engine manipulates absolute URLs in order to hide link names in body data that is not otherwise handled by the content-specific parser (for example, Java comments or URLs that appear within HTML text tags). The search and replace engine runs on the entire HTTP data in the application or in the trunk, including all tags. It is applicable for responses only. You can configure this per application server or per application type.

   3. Define a manual list of URLs that, when requested, will be redirected or rerouted to the specified location.

   For help with specific user interface settings, see Portal tab.

9. On the URL Inspection tab, specify valid methods for URL access, define a default set of valid methods, set an enforcement level for application types, configure general URL inspection settings, and configure settings for global URL character rules. For help with specific user interface settings, see URL Inspection tab.

10. On the Global URL Settings tab, define global parameter rules that are automatically added to each of the parameter rules you defined in the URL Set tab. Global rules are automatically added to each of the URL inspection rules, and to the individual parameter rules. When the request is checked against the rule, the individual parameter rules are applied first, followed by the global parameter rules. In addition, configure a global list of rejected parameter values, global URL settings, and a download file size limit. For help with specific user interface settings, see Global URL Settings tab.

11. On the URL Set tab, define URL inspection rules. URLs that are not listed are denied access. Rules are configured and applied per application type. For each primary rule in the URL list, you can define exclusionary rules that define exceptions to the primary rule. Note that when you disable a primary rule, its exclusionary rules are also disabled. After you re-enable the primary rule, the associated exclusionary rules are not automatically enabled; you must manually re-enable each exclusionary rule. For help with specific user interface settings, see URL Set tab.