1. On your ControlCenter server,
   • Go to the Downloads folder
     • select and open the uagdeploy folder
       • observe the contents    

2. In the uagdeploy folder
   • select the uag2-advanced.ini,
     • Copy and Paste so that you have a backup of the original file .

3. In the uagdeploy folder
   • select uag2-advanced
     • right-click
       • In the Menu
         • select Edit with Notepad++

4. In the NotePad++ application
   • next to name
     • change to UAG-HZN-01a
   • Next to source change

source=\\horizon-01a\Software\UAG\2412\euc-unified-access-gateway-24.12.0.0-12815712361_OVF10.ova

• Next to target change it to:

target=vi://[email protected]:[email protected]/Region01A/host/Bangalore/esxi-01a.techseals.co

5. Scroll down in your NotePad++ window
   • Next to ds=Local Disk 1
     • change to ds=CorpLun-01b
   • Next to #diskMode=thin
     • remove the #
       • change to diskMode=thin
   • Change the following network settings to:
     • netInternet=CorpDMZ01
     • netManagementNetwork=CorpDMZ01
     • netBackendNetwork=CorpDMZ01
     • defaultGateway=172.16.20.1
     • deploymentOption=onenic (default)
     • ip0=172.16.20.10
     • netmask0=255.255.255.0
     • routes0=172.16.20.0/24 172.16.20.1

6. Scroll Down
   • Locate the entry "dns=192.168.0.10"
   • Edit this entry to

 dns=192.168.110.10

7. Scroll Down
   • Under  sessionTimeout=39600000
     • Add the following line

allowedHostHeaderValues=uag-hzn-avi01.techseals.co

8. Under [SSLCert]
   • change pfxCerts=sslcerts.pfx to

pfxCerts=C:\certificates\wildcard_2025.pfx

9. In the [SSLCertAdmin] section ,
   • change pfxCerts=sslcerts.pfx to

 pfxCerts=C:\certificates\wildcard_2025.pfx

10. Under the [Horizon] section
    • change proxyDestinationUrl=https://192.168.0.209 to

proxyDestinationUrl=https://horizon-01a.techseals.co
gatewayLocation=external
disableHtmlAccess=false
healthCheckUrl=/favicon.ico
proxyDestinationIPSupport=IPV4
smartCardHintPrompt=false
queryBrokerInterval=300
proxyPattern=(/|/view-client(.*)|/portal(.*)|/appblast(.*))
matchWindowsUserName=false
windowsSSOEnabled=false
proxyDestinationUrlThumbprints=92 0f cf ff 4f 87 f4 8a e8 b3 97 0b b8 03 53 6c 4d 1a 25 09 2b 67 32 04 69 b8 14 2a 36 1c 93 12
proxyDestinationPreLoginMessageEnabled=true

11. Scroll down and Change

• tunnelExternalUrl=https://uag2.horizon.myco.com:443
• blastExternalUrl=https://uag2.horizon.myco.com:443

To

tunnelExternalUrl=https://uag-hzn-01a.techseals.co:443
blastExternalUrl=https://uag-hzn-01a.techseals.co:8443

12. Scroll down and Change
    • In the pcoipExternalUrl section
      • change pcoipExternalUrl=10.20.30.90:4172 to:

 pcoipExternalUrl=172.16.20.10:4172

13. In your Notepad++ window
    • Menu Bar
      • SAVE THE .ini File

1. On your ControlCenter server ,
   • Launch the powershell shortcut from the Start Menu

2. We will set the script execution is set to unrestricted.
   • Execute the following command.

 Set-ExecutionPolicy -scope currentuser unrestricted

When Prompted select Y

3. Within the powershell interface
   • type the following command

 cd .\Downloads\uagdeploy

4. Execute the following command

.\uagdeploy.ps1 -iniFile uag2-advanced.ini

• When you get a security warning type: R
• When you get a second security warning type: R
• When prompted to enter a root password for UAG-HZN-01a,
  • type:- Pa$$w0rd
  • when prompted to confirm type Pa$$w0rd

5. When prompted to
   • Enter an optional admin password for the RESP API management access for UAG:
     • enter Pa$$w0rd
   • When prompted to Re-Enter an optional admin password :
     • enter Pa$$w0rd
   • When prompted whether or not to join the customer experience program
     • enter Yes
   • Enter the password for the specified [SSLcert] PFX certificate file wildcard_2025.pfx:
     • enter Pa$$w0rd
   • Enter the password for the specified [SSLcertAdmin] PFX certificate file wildcard_2025.pfx:
     • enter Pa$$w0rd

6. Below Fingerprint will be added to the known host file
   • enter yes

7. When prompted the password for [email protected]
   • enter Pa$$w0rd
   • Your virtual Appliance deployment will now start , it will take between 5 - 10min to deploy. Proceed to step 8

8. Review the deployment once the setup has completed

9. On your ControlCenter server
   • On your Site 1 - Bangalore Browser
     • open a new Tab
       • from the Bookmarks Bar
         • select the UAG-HZN-01a  bookmark
     • login to your UAG server by entering the following
       • Admin Username : admin
       • Admin Password: Pa$$w0rd
         • select SIGN IN

10. On your UAG Admin Console
    • under Configure Manually
      • click the SELECT button

11. On your UAG Admin Console
    • under General Settings
      • next to Edge Service Settings,
        • move the toggle to the right

12. On your UAG Admin Console
    • to the right of Horizon Settings,
      • select the Gearbox

13. In your UAG Admin Console
    • Under Horizon Settings
      • Browse and familiarize yourself with config, we will be changing some of the settings in a future exercise
      • CANCEL the Horizon Settings window
        • Logout from the UAG Admin Console

1. On the ControlCenter server
   • Go to your Downloads > uagdeploy folder

2. In the uagdeploy folder
   • copy the uag2-advanced.ini
     • paste this to the uagdeploy folder
   • select the uag2-advanced - Copy (2).ini
     • rename to uag2b-advanced.ini

3. In the uagdeploy folder
   • select the uag2b-advanced.ini
     • right-click
       • from the menu
         • select Edit with Notepad++

4. In the uag2b-advanced.ini file
   • edit name=UAG-HZN-1a
     • to
     • name=UAG-HZN-01b
   • scroll down to the Network configuration
     • just below diskmode=thin

5. In your NotePad++ window
   • scroll down
   • change the following network settings to:
     • ip0=172.16.20.10
       • to
     • ip0=172.16.20.11

6. In your NotePad++ window
   • scroll down until you find the [Horizon] section
     • edit proxyDestinationUrl=https://horizon-01b.techseals.co

7. In the uag2b-advanced.ini  file
   • edit the following
     • tunnelExternalUrl=https://uag-hzn-01a.techseals.co:443
     • blastExternalUrl=https://uag-hzn-01a.techseals.co:8443
     •                        TO
     • tunnelExternalUrl=https://uag-hzn-01b.techseals.co:443
     • blastExternalUrl=https://uag-hzn-01b.techseals.co:8443
       •                   AND
     • pcoipExternalUrl=172.16.20.10:4172
       •                   TO
     • pcoipExternalUrl=172.16.20.11:4172

8. In the NotePad++ application
   • select SAVE

9. On your ControlCenter server ,
   • from the Taskbar
     • switch to the existing PowerShell session 

10. In the PowerShell window
    • execute the following command

.\uagdeploy.ps1 -iniFile uag2b-advanced.ini

• when you get a security warning type: R
• when you get a second security warning type: R
• when prompted to enter a root password for UAG-HZN-01b,
  • type:- Pa$$w0rd
  • when prompted to confirm type Pa$$w0rd

11. In the PowerShell window
    • when prompted to
      • Enter an optional admin password for the RESP API management access for UAG:
        • type Pa$$w0rd
      • when prompted to Re-Enter an optional admin password :
        • type Pa$$w0rd
      • when prompted whether or not to join the customer experience program
        • type Yes

12. When prompted to
    • Enter the password for the specified [SSLcert] PFX certificate file wildcard_2025.pfx:
      • type Pa$$w0rd
    • Enter the password for the specified [SSLcertAdmin] PFX certificate file wildcard_2025.pfx:
      • type Pa$$w0rd

13. When prompted to
    • for the [email protected] password
      • type Pa$$w0rd
    • Your virtual Appliance deployment will now start , it will take between 5 - 10min to deploy. Proceed to step 8

14. Review the deployment once the setup has completed