Verifying installation settings

Updated: August 23, 2010

Applies To: Unified Access Gateway

This topic lists the features and components that are installed during Setup, and describes the requirements for managing Forefront Unified Access Gateway (UAG) remotely.

After Setup completes successfully, verify that the following items have been added to your Start menu:

  • Forefront UAG Activation Monitor.

  • Forefront UAG Management.

  • Forefront UAG Web Monitor.

During Setup, the following are also installed:

  • Windows roles:

    • Network Policy Server.

    • Routing and Remote Access Services.

    • Active Directory Lightweight Directory Services Tools.

    • Message Queuing Services.

    • Web Server (IIS) Tools.

    • Network Load Balancing Tools.

    • Windows PowerShell.

  • Additional features (if they are not already installed):

    • Microsoft .NET Framework 3.5 SP1.

    • Windows Web Services API.

    • Windows Update.

    • Microsoft Windows Installer 4.5.

  • Forefront TMG is installed as a firewall during Forefront UAG installation. Following Setup, the firewall is configured to protect the Forefront UAG server.

  • By default, the Windows Server 2008 R2 DirectAccess component is installed. For more information, see Forefront UAG DirectAccess deployment guide.

Remotely managing Forefront UAG

After installation, you might want to manage Forefront UAG remotely. To manage Forefront UAG using a remote desktop connection, you must do the following:

  1. Ensure that remote desktop is enabled on the Forefront UAG server.

  2. Ensure that the computer from which you want to manage Forefront UAG is added to the Forefront TMG Remote Management Computers computer set. To do this, open the Forefront TMG Management console from the Start menu. In the console tree, click the Firewall Policy node. On the Toolbox tab, click Network Objects. Click Add, and then click Computer. Specify the details of the computer from which you will remotely manage Forefront UAG. Note that Forefront TMG has a system policy rule that allows RDP traffic from the computers listed in this computer set to the Forefront UAG server. This system policy rule is enabled by default. After adding the computer to the set, activate the changes in the Forefront TMG Management console.


  • You can only manage Forefront UAG remotely using a remote desktop connection. The Forefront UAG Management console cannot be installed as a standalone entity for the purposes of remote management.

  • When multiple users are logged on to the server running Forefront UAG over a remote desktop connection, only one user can access the Forefront UAG Management console.

  • When Forefront UAG servers are configured in an array, you manage and activate the Forefront UAG configuration by running the Forefront UAG Management console on the array manager. For other array members, the Forefront UAG Management console is used only to access and run the Array Management Wizard.