How to Set Up Microsoft Forefront Unified Access Gateway (UAG) for SharePoint 2013

1.   To set up Microsoft Forefront Unified Access Gateway (UAG) for SharePoint 2013, first set up a virtual machine for SharePoint 2013

a. First, open the Console program on this machine and add a new snap-in, Certificates (select the ‘Computer account’ option when prompted):





After the Certificates snap-in has been added successfully, import the existing certificate file into the ‘Personal’ branch. Keep the default settings on the screens that follow, and before finishing, confirm that the certificate has been added by clicking the ‘Certificates’ branch below ‘Personal’.





b. Next, configure alternate access mappings in Central Admin. Make sure the port you want to configure is correctly selected under ‘Alternate Access Mapping Collection.’

First, choose ‘Edit Public URLs’ and enter the site in the ‘Internet’ field, using https to match the previously imported certificate.





Then choose ‘Add Internal URLs’: enter the same public URL with http and choose the ‘Internet’ option in the ‘Zone’ drop-down list:



c. The last item for this machine is to add a new site binding for the port you want to configure. Choose https for Type, enter the IP address of this virtual machine, enter the host name used in the URLs above, and choose the correct certificate:



That’s all for the SharePoint machine.
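
Steps 1a to 1c can also be scripted. The following is an added example, not part of the original walkthrough; it assumes Windows Server 2012 or later (for Import-PfxCertificate) and the SharePoint 2013 Management Shell snap-in, and every path, name, address and port in it is a constructed placeholder.

```powershell
# Added example: scripted form of steps 1a-1c.
# All values below are constructed placeholders; replace them with your own.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction Stop
Import-Module WebAdministration

$pfxPath   = 'C:\certs\portal.pfx'     # existing certificate file (placeholder)
$webAppUrl = 'http://sp2013:8080'      # SharePoint web application (placeholder)
$hostName  = 'portal.example.com'      # site name entered in the URLs (placeholder)
$ipAddress = '192.0.2.10'              # IP address of this SharePoint VM (placeholder)
$iisSite   = 'SharePoint - 8080'       # IIS site of the web application (placeholder)
$port      = 443                       # https port to configure (placeholder)

# 1a. Import the certificate into the computer account's 'Personal' store.
$pfxPassword = Read-Host -AsSecureString -Prompt 'PFX password'
$cert = Import-PfxCertificate -FilePath $pfxPath -Password $pfxPassword `
            -CertStoreLocation Cert:\LocalMachine\My

# Checks before the certificate is bound: it must carry a private key
# and must not be expired, otherwise the https binding will not work.
if (-not $cert.HasPrivateKey) {
    throw 'Certificate was imported without a private key.'
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate expired on $($cert.NotAfter)."
}

# 1b. Alternate access mappings: https public URL and http internal URL,
#     both in the Internet zone.
New-SPAlternateURL -WebApplication $webAppUrl -Url "https://$hostName" -Zone Internet
New-SPAlternateURL -WebApplication $webAppUrl -Url "http://$hostName" -Zone Internet -Internal

# 1c. https site binding on this VM's IP and host name, then attach the
#     imported certificate from the 'My' (Personal) store.
New-WebBinding -Name $iisSite -Protocol https -Port $port `
    -IPAddress $ipAddress -HostHeader $hostName
$binding = Get-WebBinding -Name $iisSite -Protocol https -Port $port -HostHeader $hostName
$binding.AddSslCertificate($cert.Thumbprint, 'My')

# Show the resulting mappings and bindings for review.
Get-SPAlternateURL -WebApplication $webAppUrl
Get-WebBinding -Name $iisSite
```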


2.    Next, we’ll set up a virtual machine for Forefront Unified Access Gateway

a. Repeat step 1a

b. Use the Administrator user to add another domain user, and then log on as this user. Install the ‘MS Forefront unified access gateway’ program and then restart the machine; the installation is then complete.

Now configure Forefront Unified Access Gateway by running ‘Forefront Unified Access Gateway Management’ from ‘All Programs’. The first time you use UAG management, you must run three steps. In Step 1, check the ‘Internal’ column and add the IP address range. For Step 2 and Step 3, keep the defaults:


Enter a password that meets the password policy, and then click the ‘Activate’ button to complete.


c. Forefront Unified Access Gateway Management is now ready, and we will create a parent site and a child site to access.

  • For the parent site, do the following: create an HTTPS trunk from the ‘HTTPS Connection’ branch.

Choose the ‘Portal trunk’ option and uncheck the checkbox for ‘Publish Exchange applications via the portal’ (if checked):


Enter ‘Trunk name’ and ‘Publish host name,’ which is the site name of the parent site. The IP address is the IP of the Forefront Unified Access Gateway machine:



Click the ‘Add’ button to add a new server. Enter ‘Server name’, ‘Define’ the domain controllers, enter the user and password for ‘Server access,’ and the name for ‘Domain,’ and keep the defaults on the screens that follow until you finish. Note that clicking the ‘Settings’ button in the studio updates and saves the whole configuration:



Add a hosts file entry that maps the parent site name to the IP of the Forefront Unified Access Gateway machine. Open the parent site as an https link and check that it logs on successfully:



  • For the child site, choose ‘Add Application’ from the Forefront Unified Access Gateway trunk created above:




Choose the ‘Web’ option, and select ‘Microsoft SharePoint Server 2010’ (the list has not yet been updated for version 2013); the site is then added to the parent site:



Enter a title for the child site, and select ‘Microsoft SharePoint Server 2010 Upload/Download’ for ‘Upload/Download policy’ (the list has not yet been updated for version 2013):



Enter the IP of the SharePoint machine and ‘Publish host name’ to link to the child site:



Add authentication servers and select the existing server, check the ‘User SSO’ checkbox, and click ‘Next’ on the remaining screens to finish. Note that clicking the ‘Settings’ button updates and saves the whole configuration:


Add a hosts file entry that maps the parent site name to the IP of the Forefront Unified Access Gateway machine. Open the child site by clicking its link from the parent site, or open it with a direct link, and check that it logs on successfully.

3.    FINISH

* For SharePoint 2010, repeat all the steps used for SharePoint 2013; the process is the same.
