![Tubemate for apple](https://cdn2.cdnme.se/5447227/9-3/12_64e61dfbddf2b3652190246e.png)
![uag vmware horizon uag vmware horizon](https://i0.wp.com/www.carlstalhood.com/wp-content/uploads/2021/03/img_6055e26ed0cb6.png)
Required for Identity Bridging to access AD if SAML to Kerberos/Certificate to Kerberos is configured. Port Requirements for Web Reverse Proxy PortĪny configured custom port on which the Intranet is listening. If you use Blast through TCP port 443, there is no need to open TCP 8443 on the firewall. If you use the Blast protocol, port 8443 must be open on the firewall. Unified Access Gateway appliance within the DMZ on TCP port 443. By default, the external client devices and external web clients (HTML Access) connect to a Unified Access Gateway appliance within the DMZ, the front-end firewall must allow traffic on certain ports. Note: To allow external client devices to connect to a MMR, CDR, and HTML5 features For example, Microsoft Teams Optimization, Browser Redirection, and others. Only required if the Horizon Clients use the RDP protocol. Horizon Client XML-API, Blast extreme HTML access, Horizon Air Console Access (HACA) UDP 443 is internally forwarded to UDP 9443 on UDP Tunnel Server service on Unified Access Gateway. Port Requirements for Horizon Portįor web traffic, Horizon Client XML - API, Horizon Tunnel, and Blast Extreme Therefore, the custom ports must be greater than port 1024.
![uag vmware horizon uag vmware horizon](https://i0.wp.com/www.carlstalhood.com/wp-content/uploads/2021/03/img_6057208a92d08.png)
Note: As the Secure Email Gateway (SEG) service runs as a non-root user in the Unified Access Gateway, the SEG cannot run on the system ports. Used for fetching Kerberos authentication tokens when KCD authentication is enabled. SEG fetches the configuration and policy data from Workspace ONE.
![uag vmware horizon uag vmware horizon](https://www.vcloudinfo.com/wp-content/uploads/2020/12/AVI-N1-deployment.png)
SEG connects to Email server's listener port, usually 443, to serve email traffic Used for Diagnostic and Administrative functionalities. When 443 or any other port is configured, Unified Access Gateway will internally route the SEG traffic to 11443.Įmail Notification Service (when enabled) Secure Email Gateway listens on port 11443. Port Requirements for the Secure Email Gateway Port DNS requests are made on UDP port 53 and so it is important that an external firewall does not block these requests or replies. The DNS server IP addresses are configurable. Unified Access Gateway services use DNS to resolve hostnames.
![uag vmware horizon uag vmware horizon](https://communities.vmware.com/wbsdv95928/attachments/wbsdv95928/3012/94131/1/UAG_ConfigurationFail.png)
Note: All UDP ports require forward datagrams and reply datagrams to be allowed.
![Tubemate for apple](https://cdn2.cdnme.se/5447227/9-3/12_64e61dfbddf2b3652190246e.png)