Hello,
First, a brief description of my two issues. Then a description of our environment.
Issue #1 - NLB status between my two UAG nodes is always 'Unknown'.
Issue #2 - When launching UAG Management Console on my Array Manager, I always receive the following error: "The IP address (192.168.10.2) previously configured on the adapter associated with the internal network was removed. A new IP address (10.200.0.53) was detected on an internal network adapter. Click Yes to specify that Forefront UAG use the new IP address. If you click No, UAG might not work as expected."
Now, a description of our environment.
Two UAG/TMG servers load balanced via Microsoft NLB. Both running Windows 2008 R2, TMG SP2, and UAG SP4. Adapter information is below. I won't bother listing off which have DNS servers, etc, but I followed the UAG best practice. The external IP is obviously fake, and is used for example purposes.
UAG-SERVER-1
Internal Adapter 1 - 10.60.10.164 (no gateway, only static route)
Internal Adapter 2 - 10.200.0.53 (no gateway, only static route)
Unassigned Adapter 1 - 192.168.10.2 (no gateway, no static route as the servers are directly connected. Used for NLB)
External Adapter 1 - 4.4.4.3 - gateway set to 4.4.4.1
UAG-SERVER-2
Internal Adapter 1 - 10.60.10.165 (no gateway, only static route)
Internal Adapter 2 - 10.200.0.54 (no gateway, only static route)
Unassigned Adapter 1 - 192.168.10.3 (no gateway, used for NLB)
External Adapter 1 - 4.4.4.4 - gateway set to 4.4.4.1
Within TMG, under 'Firewall > Managed Server Computers' I have the 10.60.10.x addresses for each UAG server listed, as this is their primary internal interface. The 10.200.0.x IP addresses are for a secondary network that they require access to, so it is not listed here.
Under 'System > Servers', I have both UAG servers listed. Under 'Remote Communication' for each server, their FQDN is selected. Under 'Intra-Array Communication', the IP address is set to the NLB address of 192.168.10.2 and 192.168.10.3 for each node, respectively.
When launching UAG Management Console, the error from Issue #2 is displayed. I am forced to select 'Yes', at which point UAG displays this message: "The IP address associated with the internal adapter was updated to 10.200.0.53. On each array member, run the Array Management Wizard to change the array manager settings to the new address". However, I do not want this address to be the address used for 'Intra-Array Communication', nor for NLB.
At that point, the 'Intra-Array Communication' IP addresses under the 'System > Communication' tab in TMG changes from the 192.168.10.x addresses to the 10.200.0.x addresses. It is my understanding that 'Intra-Array Communication' should be the NLB IP, as they should be communicating with each other via that IP. Is this not the case, should it be the IP address of one of the two internal adapters? I also assume this is leading to the NLB status of 'Unknown'.
If anybody sees something that stands out, or has experience with this issue or a similar one, I would greatly appreciate some guidance.
Thank you all very much in advance.
First, a brief description of my two issues. Then a description of our environment.
Issue #1 - NLB status between my two UAG nodes is always 'Unknown'.
Issue #2 - When launching UAG Management Console on my Array Manager, I always receive the following error: "The IP address (192.168.10.2) previously configured on the adapter associated with the internal network was removed. A new IP address (10.200.0.53) was detected on an internal network adapter. Click Yes to specify that Forefront UAG use the new IP address. If you click No, UAG might not work as expected."
Now, a description of our environment.
Two UAG/TMG servers load balanced via Microsoft NLB. Both running Windows 2008 R2, TMG SP2, and UAG SP4. Adapter information is below. I won't bother listing off which have DNS servers, etc, but I followed the UAG best practice. The external IP is obviously fake, and is used for example purposes.
UAG-SERVER-1
Internal Adapter 1 - 10.60.10.164 (no gateway, only static route)
Internal Adapter 2 - 10.200.0.53 (no gateway, only static route)
Unassigned Adapter 1 - 192.168.10.2 (no gateway, no static route as the servers are directly connected. Used for NLB)
External Adapter 1 - 4.4.4.3 - gateway set to 4.4.4.1
UAG-SERVER-2
Internal Adapter 1 - 10.60.10.165 (no gateway, only static route)
Internal Adapter 2 - 10.200.0.54 (no gateway, only static route)
Unassigned Adapter 1 - 192.168.10.3 (no gateway, used for NLB)
External Adapter 1 - 4.4.4.4 - gateway set to 4.4.4.1
Within TMG, under 'Firewall > Managed Server Computers' I have the 10.60.10.x addresses for each UAG server listed, as this is their primary internal interface. The 10.200.0.x IP addresses are for a secondary network that they require access to, so it is not listed here.
Under 'System > Servers', I have both UAG servers listed. Under 'Remote Communication' for each server, their FQDN is selected. Under 'Intra-Array Communication', the IP address is set to the NLB address of 192.168.10.2 and 192.168.10.3 for each node, respectively.
When launching UAG Management Console, the error from Issue #2 is displayed. I am forced to select 'Yes', at which point UAG displays this message: "The IP address associated with the internal adapter was updated to 10.200.0.53. On each array member, run the Array Management Wizard to change the array manager settings to the new address". However, I do not want this address to be the address used for 'Intra-Array Communication', nor for NLB.
At that point, the 'Intra-Array Communication' IP addresses under the 'System > Communication' tab in TMG changes from the 192.168.10.x addresses to the 10.200.0.x addresses. It is my understanding that 'Intra-Array Communication' should be the NLB IP, as they should be communicating with each other via that IP. Is this not the case, should it be the IP address of one of the two internal adapters? I also assume this is leading to the NLB status of 'Unknown'.
If anybody sees something that stands out, or has experience with this issue or a similar one, I would greatly appreciate some guidance.
Thank you all very much in advance.