Users accessing corporate resources published via Forefront UAG can access multiple applications via a UAG corporate gateway, or can connect directly to a single Web application.
To allow users to access one or more corporate applications via a Web portal, you do the following:
- Create a trunk that includes a portal home page.
- Add the applications for which you want to allow access to the trunk.
- Users connect to the portal by typing the portal public host name in a browser, and access published applications.
To allow users to access a Web application directly, you do the following:
- Create a trunk that includes a portal home page
- Add a Web applicatiion with an application-specific host name to the trunk.
- Users connect directly to the Web application by typing the application-specific public host name in a browser. When the UAG server receives such a request, it performs authentication, and then automatically opens the required application, bypassing the UAG portal home page.
Best practices for publishing Web applications directly:
- If you have published more than one instance of an application public host name, ensure that the application path for each instance is unique.
- Ensure that the application-specific host name is resolvable by a public DNS server.
- In the DNS entry, the application host name should resolve to the same IP address as the public host name of the trunk.
- In HTTPS trunks, it's recommended that both the public host name of the trunk and the public host name of the application should be included on the server certificate used by the trunk. Alternatively you can use a wildcard certificate. If you use names that do not match the certificate, ignore the certificate warning that pops up during trunk configuration. If names do not match, connecting endpoints will be presented with a browser warning that there might be a problem with the website’s security certificate, and must choose to continue for site access.
- The application’s public host name must be in or above the domain-level namespace of the portal’s public host name.
Note that although this option allows users to access a Web application directly, it does require them to remember a public host name for each application published in this way.