This topic is designed to help you understand the planning requirements for a Forefront Unified Access Gateway (UAG) network access design, as follows:

Planning client requirements

You can configure remote access to the corporate network using the legacy Network Connector application or Secure Sockets Tunneling Protocol (SSTP). Before selecting an access method, ensure that you are aware of client requirements, as listed in the following table.

The following table lists the requirements for both SSL network tunneling mechanisms.

SSL network tunneling mechanism Application version Client endpoint requirements

SSTP

Forefront UAG

Windows 7 client, Windows 7 server (32-bit and 64-bit). Internet Explorer.

Network Connector

Forefront UAG, Intelligent Application Gateway (IAG) 2007

Windows XP, Windows Vista (32-bit). Internet Explorer.

Planning for SSTP

The following SSTP planning is required:

  1. If you want to allocate IP addresses dynamically to remote clients, ensure that you have a DHCP server deployed.

  2. If you want to allocate IP addresses from a static pool, plan for a range that is large enough, and that can be excluded from the internal network address range that is defined on the Forefront UAG servers.

  3. No client-side configuration is required.

  4. SSTP is published via an HTTPS trunk and uses the trunk certificate for authentication. Ensure that you have obtained a valid certificate for the trunk. Note that the certificate must be trusted by remote clients and will usually be issued by an external certification authority (CA).

Planning for Network Connector

Planning for Network Connector includes the following:

  • Network Connector must allocate addresses from a static pool. Plan for a range that is large enough, and that can be excluded from the internal network address range that is defined on the Forefront UAG servers.

Next steps

For information on deploying SSTP remote network access, see Publishing remote network access with SSTP. For Network Connector deployment information, see Publishing remote network access with Network Connector.

508 Resource Limit Is Reached

Resource Limit Is Reached

The website is temporarily unable to service your request as it exceeded resource limit. Please try again later.