Microsoft Windows DirectAccess Client Troubleshooting Tool

I'm pleased to announce that Microsoft have just released an awesome troubleshooting tool for DirectAccess clients called "Microsoft Windows DirectAccess Client Troubleshooting Tool".


Get the tool here:




Web Application Proxy - HTTP to HTTPS redirect

This article explains how to perform HTTP to HTTPS redirect for deployments of Microsoft Web Application Proxy v1.

The guidance within this article is only for companies that doesn't use a layer 7 application firewall (with the ability to perform HTTP to HTTPS redirect). Most often these firewalls will be Citrix NetScaler, F5, Palo Alto Networks, Barracuda, Fortinet, etc. If your existing firewall support HTTP to HTTP redirect always use the firewall for the redirection.


  • Microsoft Internet Information Service
  • URL Rewrite

Configuring HTTP to HTTPS redirect

Install "Microsoft Internet Information Service" on the "Web Application Proxy" server. It may already be installed depend on the roles that have been added. Open "IIS Manager".

Select the "Web server" and click the "Get New Web Web Application Platform".

Click "Free Download" on the right.

Find the "URL Rewrite" module, click "Add" and then click "Install".

Click "I Accept".

Click "Finish".

Close the "IIS Manager" and re-open the "IIS Manager". Click "URL Rewrite".

Click "Add Rule (s)..."

Click "Blank Rule".

Type "HTTP to HTTPS" in the "Name" textbox and in the "Pattern" textbox type "(.*)".

Navigate down to "Condition" and click "Add".

In the "Condition input" textbox type "{HTTPS}" and under "Patterns" type "^OFF$". Click "OK".

Navigate down to "Action".

Type "https://{HTTP_HOST}/{R:1}" and click "Apply".

Testing the "HTTP to HTTPS" redirect functionality:

Try accessing your site using HTTP. You should see that the page will be automatically redirected to the HTTPS site. See the network trace below for more details. 


Microsoft Windows 2012 R2 - Web Application Proxy support for HTTP

WAP doesn't allow for applications to be published on port 80/HTTP. It will ONLY allow external connections to HTTPS. It will be possible to use the WAP in bridge mode from HTTPS to HTTP, if your internal applications isn't configured for HTTPS internally.

IIS Application Request Routing

If you would like support for HTTP on your Web Application Proxy server you should consider using IIS Application Request Routing (ARR):


You can download the IIS add-on here:

For more information about the Web Application Proxy. See the TechNet overview page:




Microsoft Forefront Unified Access Gateway 2010 is discontinued... What now?

Microsoft Forefront Unified Access Gateway 2010 is discontinued!

The product will be removed from pricelists on the first of July 2014 and the Mainstream support will continue through April 14, 2015.

More information:

 What NOW?

Microsoft will continue the develope the Web Application Proxy (WAP) role within Microsoft Windows 2012 R2. Keep come and wait for great things to come.....




Forefront Unified Access Gateway 2010 Service Pack 4

Service Pack 4 is RELEASED!

Forefront UAG 2010 SP4 includes the following features:

  • Added client devices : Windows 8.1
  • Forefront UAG 2010 SP4 supports Windows 8.1 client computers that use Internet Explorer 11 and Internet Explorer 11 on the desktop.
  • Mail: Users can use the built-in Mail application on Windows 8.1 computers to connect to a published Microsoft Exchange server.
  • Remote Desktop: Forefront UAG SP4 supports the Remote Desktop Connection (RDC) 8.1 client.




Customizing the AD FS Sign-in Pages

I found this article useful for customizing the logon page for the Web Application Proxy..