I am writing this post, because I burned my fingers recently, thinking that I can outsmart the process. Long story short:

Can you deploy it on ESXi host without a vCenter server? No, you can’t – you need to have a vCenter server.

Unless you want to see me struggling, there is no point on reading further. 😀

Workspace ONE Tunnel is a per-app VPN technology, which is pretty easy to deploy and work on all major platforms today (iOS, Android, macOS and Windows 10). In order for this to work you need to deploy a Unified Access Gateway in a DMZ and configure a few things in Workspace ONE UEM console.

Deploying such virtual appliance can be really simple – one machine with one NIC. This is what I typically deploy for testing or PoC. But what if you require something little bit more secure?

We all know that feeling when you return from a long vacation and you cannot remember your corporate password. But what if you also forgot passwords to your Unified Access Gateway?

The UAG has two main accounts root and admin each with a password that can be unique (but in most cases is set to the same thing) so you are screwed up two times.

In this mini-post let me show you how to gain back control and reset both passwords.

I’ve recently upgraded my home lab from UAG 3.6 to 3.7.1 and I’ve noticed, that basically everything stopped working. That’s weird, so I started my investigation and by the investigation, I mean reading carefully release notes for UAG 3.7.

The last bullet point caught my attention because my lab domain is minarik.local.

Unified Access Gateway is a swiss knife in your DMZ, which can help you securely publish your internal resources and data to any device no matter where is the device located. UAG plays a crucial role in VMware’s Zero Trust security model as it can block unauthorized sessions in DMZ before even reaching your internal networks.

Unified Access Gateway is a hardened Linux virtual appliance and can be deployed in two general ways:

• Using vSphere Client GUI – only when deploying to vSphere 🙂
• Using PowerShell script – when deploying to vSphere or any other place (Azure, AWS…). This method will be covered in this blog post.

The main benefits of PowerShell deployment are, that is can be (partially) automated, it’s reusable, reliable, simple and quick.

Recently I am doing a lot of proof of concepts for VMware Workspace ONE running as SaaS in our cloud and it always starts with a question – “What do I need to prepare on my side?”. To simplify my life, I decided to write this post, which should summarize all the requirements to get everything up and running.

My idea is to slowly over time expand this post and provide also nice installation instructions, so it will be extremely easy for anyone to test our Workspace ONE trial environment.