With Forefront Unified Access Gateway (UAG), you publish internal applications and resources by means of Forefront UAG trunks. Each trunk has a portal Web page, and remote endpoints connect to the portal over an HTTP or HTTPS connection. The following infrastructure design tasks are required when you set up a trunk and publish applications through it:
- When you create a trunk, you specify whether remote endpoints
should connect to the trunk site or portal over an HTTP or HTTPS
connection. If you want a remote endpoint to connect to trunks over
an HTTPS connection, you must have an infrastructure for requesting
a server certificate from a public certification authority (CA).
A public certificate is usually required because client
endpoints might be managed or unmanaged, and each endpoint must
trust the CA that issued the certificate.
- In addition, when you create a trunk, you specify whether the
connection between the Forefront UAG server and backend published
servers is over HTTP or HTTPS. If you want to use an HTTPS
connection, the backend server must have a server certificate in
order to authenticate the HTTPS connection to the Forefront UAG
server. This will usually be a certificate issued by an internal
CA, because only the Forefront UAG server is required to trust
it.