We would like to improve the roaming access to Juniper VPN for our users out on the road - including making sites available from iPhone and iPad.
We use claims based authentication for our 2 SharePoint web front ends which then go to an F5 before hitting our WAN and domaain.
UAG has been a solution proposed by Microsoft and others and I am assuming that we would need a windows server stood up in front of the F5 with one network into the F5 and then one network on the public internet.
I guess we probably also need an additional network for management of the UAG.
So UAG server with 3 interfaces
- Public IP (does this need to be one or two sequential IP addresses and is it best if this is directly on the pubic IP range or should this be behind the firewall with a NAT)
- Management IP (so we can remote and configure the UAG)
- IP address for UAG to SharePoint (UAG->F5->SharePoint)
Is this the correct way to do this?
Does anyone have any suggestions for vendors with UAG expertese in the Bay Area that could help us with this work?