When endpoint devices browse to the Forefront Unified Access Gateway (UAG) portal, Forefront UAG automatically assesses and identifies the endpoint device to make sure that the device is authorized to access the portal, and to ensure that the correct portal is presented to the device. Forefront UAG identifies all mobile devices as ‘Other’. By default, any device that is identified as ‘Other’ is blocked from accessing the logon pages and the Forefront UAG portal.

Note:
This is a change from the behavior in Forefront UAG RTM where mobile devices running Windows Mobile or the Apple iPhone were identified as Windows or Mac OS respectively and were able to browse to the portal without any further configuration.If you use the ‘desktop’ mode of your mobile browser, where the browser identifies itself as a desktop computer, you may not be able to view the Forefront UAG portal because it may require the Forefront UAG client components to be installed.

This topic describes how to change the Forefront UAG endpoint policies to allow mobile devices to browse to the logon pages and Forefront UAG portal. Access to the logon pages is based on the Default Session Access policy, access to the portal is based on the Default Web Application Access policy.

This topic contains the following procedures:

To allow mobile devices to access logon and portal pages

  1. On the Forefront UAG server, in the Forefront UAG Management console, click the required trunk, and in the Trunk Configuration area, click Configure.

  2. On the Advanced Trunk Configuration dialog box, click the Endpoint Access Settings tab.

  3. On the Endpoint Access Settings tab, click Edit Endpoint Policies.

  4. On the Manage Policies and Expressions dialog box, click the Default Session Access policy, and then click Edit Policy.

  5. On the Policy Editor dialog box, under Select platform-specific policies, in the Other drop-down list, click Always, and then click OK.

  6. On the Manage Policies and Expressions dialog box, click the Default Web Application Access policy, and then click Edit Policy.

  7. On the Policy Editor dialog box, under Select platform-specific policies, in the Other drop-down list, click Always, and then click OK.

    Note:
    If you publish applications that have specific application policies and you want to allow mobile devices to access these applications, you must also modify the application specific policies. For example, if you publish Microsoft SharePoint Server 2010, you must change the SharePoint policies.
  8. On the Manage Policies and Expressions dialog box, click Close.

  9. On the Advanced Trunk Configuration dialog box, click OK.

  10. Activate the configuration.

To configure applications to appear in mobile portals

  1. On the Forefront UAG server, in the Forefront UAG Management console, click the required trunk, and in the Applications area, click the required application, and then click Edit.

  2. On the Application Properties dialog box, click the Portal tab.

  3. On the Portal tab, select the Premium mobile portal check box to show this application in the premium mobile portal, select the Non-premium mobile portal check box to show this application in the non-premium mobile portal.

  4. On the Application Properties dialog box, click OK.

  5. Activate the configuration.