Backing up and restoring with export and import

You can back up your Forefront Unified Access Gateway (UAG) configuration by exporting the configuration settings to an .xml file. This file maintains a record of the latest configuration settings, and can be used, during maintenance or disaster recovery, to restore configuration settings to the same Forefront UAG server from which the settings were exported, or to a different Forefront UAG server.

To back up and restore the Forefront Unified Access Gateway (UAG) configuration, you use the Forefront UAG export and import mechanisms. When you export your Forefront UAG configuration settings, an xml file is created, containing the current configuration settings. You can later import this xml file, as required. Any user who has access to the Forefront UAG Management console can perform export and import operations.

The following procedures describe:

Exporting the Forefront UAG configuration settings
Importing the Forefront UAG configuration settings

Before you begin

Before exporting the Forefront UAG configuration settings, it is recommended that you activate the current Forefront UAG configuration, to make sure that the latest Forefront UAG server settings are applied. To do this, click the Activation icon on the toolbar of the Forefront UAG Management console.

Exporting the Forefront UAG configuration settings

You can export the configuration settings from the Forefront UAG Management console, or from the command line.

It is recommended that you back up your settings using export, as follows:

Export the configuration directly after configuring Forefront UAG for the first time.
Following the initial backup, export the settings each time you modify the configuration settings, to ensure that the backup is updated at all times.
Copy the exported file to a separate location whenever you make major changes to the configuration.

To export the configuration settings from the Forefront UAG Management console

In the Forefront UAG Management console, on the File menu, click Export.

Note:
To perform an export, you must save changes made to the configuration. If you have not saved changes that were previously made to the Forefront UAG configuration, when prompted, click Yes. The Export Configuration dialog box appears.

From the Export Configuration dialog box, click Browse, select a location and file name for the file you are exporting, and then click Save.
Enter a password, confirm the password, enter a comment (optionally), and then click Export.

Note:

The password must be at least 8 characters.

Note:
The password must be at least 8 characters.

To export the configuration settings from the command line

On the Forefront Unified Access Gateway (UAG) server, open a command line and navigate to: \Program Files\Microsoft Forefront Unified Access Gateway\utils\ConfigMgr.
At the command line, type the following: configmgrutil export filename.xml password comment (where filename.xml is the path and filename you want to give the exported file, and password is the password you must enter when importing the file).

Note:
When you export a Forefront UAG configuration, customized internal network ranges are not preserved. After importing the configuration, the internal network is set to the network ranges of the adapter that you associated with the internal network when you ran the Getting Started Wizard.

Importing the Forefront UAG configuration settings

After exporting configuration settings, you can import them, during maintenance or disaster recovery, to restore the configuration settings on a Forefront UAG server.

To import the configuration using the UAG Management console

In the Forefront UAG Management console, on the File menu, click Import.

From the Import Configuration dialog box, click Browse, select the file you want to import, and click Open. The Forefront UAG version number of the file you are about to import appears in the Version field of the Import configuration dialog box.

Note:
By default, you cannot import a configuration file that was exported from a different version of Forefront UAG. If you want to import a configuration file from a different version of Forefront UAG, you must do the following: On the Forefront UAG server, open the Registry Editor. Navigate to HKEY_LOCAL_MACHINE\Software\WhaleCom\e-Gap\Configuration. Create a DWORD (32-bit) Value ImportFromOtherVersion, and set the Dword value to 1.

Note:

By default, you cannot import a configuration file that was exported from a different version of Forefront UAG. If you want to import a configuration file from a different version of Forefront UAG, you must do the following:

On the Forefront UAG server, open the Registry Editor.
Navigate to HKEY_LOCAL_MACHINE\Software\WhaleCom\e-Gap\Configuration.
Create a DWORD (32-bit) Value ImportFromOtherVersion, and set the Dword value to 1.

Enter a password if required, click Import, and then click Yes to confirm the import.

Note:
After successfully importing a configuration file, the administrator may be required to make some manual configuration changes, for example IP addresses, virtual IP addresses, and static IP pools. Some of the changes you are required to make will appear in the Forefront UAG message output console.

After making the manual configuration changes, in the Forefront UAG Management console, click the Activate configuration icon, and then on the Activate Configuration dialog box, click Activate to activate the configuration.