Routing internal users through UAG
We have published SharePoint on the UAG and want all internal users to access SharePoint through the UAG, as if they were connecting from outside our network. This is working. The problem is that we are trying to publish Office Web Apps for SharePoint and it is not working internally or externally. We followed the TechNet article "Publishing Office Web Apps Server Using a Reverse Proxy Server." Is this a supported configuration (to route all internal traffic through UAG as if the connection was external to the network)? 
January 13th, 2014 11:11am

to route all internal traffic through UAG as if the connection was external to the network

It depends on what you mean with the above. It is not supported to use UAG as a forward proxy by using the underlying TMG's functionality. If your leaves the internal network through another proxy/firewall/egress then it is supported. I would ask myself why you do this but that is another discussion.

If it doesn't work either internally (through internal namespace?) or externally then you have configuration issue.

Review this article and see if you can resolve it.

Free Windows Admin Tool Kit Click here and download it now
January 14th, 2014 4:27am

Thanks for your reply. The underlying setup is the following and this should clarify things a bit:

UAG is load balancing SharePoint farm.

Internal DNS is the same as the Public DNS to access SharePoint. (For example sp.domain.com)

At this point Office Web Apps works normally for both internal and external users.

Since we want users to experience the same login steps, the following was done:

A DNS record was created internally, so that sp.domain.com resolves to the public IP of the UAG. This way everyone is going through the UAG for access regardless if they are internal or external users. This is when we started having issues. It seems that there is a loop somewhere when office web apps tries to send the document back to SharePoint.


  • Edited by Vader86 1 hour 18 minutes ago
January 14th, 2014 5:33am

Thanks for your reply. The underlying setup is the following and this should clarify things a bit:

UAG is load balancing SharePoint farm.

Internal DNS is the same as the Public DNS to access SharePoint. (For example sp.domain.com)

At this point Office Web Apps works normally for both internal and external users.

Since we want users to experience the same login steps, the following was done:

A DNS record was created internally, so that sp.domain.com resolves to the public IP of the UAG. This way everyone is going through the UAG for access regardless if they are internal or external users. This is when we started having issues. It seems that there is a loop somewhere when office web apps tries to send the document back to SharePoint.


  • Edited by Vader86 Tuesday, January 14, 2014 10:31 AM
Free Windows Admin Tool Kit Click here and download it now
January 14th, 2014 1:28pm

Thanks for your reply. The underlying setup is the following and this should clarify things a bit:

UAG is load balancing SharePoint farm.

Internal DNS is the same as the Public DNS to access SharePoint. (For example sp.domain.com)

At this point Office Web Apps works normally for both internal and external users.

Since we want users to experience the same login steps, the following was done:

A DNS record was created internally, so that sp.domain.com resolves to the public IP of the UAG. This way everyone is going through the UAG for access regardless if they are internal or external users. This is when we started having issues. It seems that there is a loop somewhere when office web apps tries to send the document back to SharePoint.


  • Edited by Vader86 Tuesday, January 14, 2014 10:31 AM
January 14th, 2014 1:28pm

I don't know the specifics of your setup but as you started experiencing problems when you changed the DNS record, have you tried creating hosts file entries on SPS/OWA servers pointing to the internal address so that they do not access each other through UAG?
Free Windows Admin Tool Kit Click here and download it now
January 15th, 2014 4:51am

After adding a host record on the office web apps server to point to the internal IPs of the SharePoint farm things were working. Thanks for that suggestion which ultimately resolved our issue. 
January 15th, 2014 6:22pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics