VMware UAG (Unified Access Gateway) is a cool little security appliance, deployable on vSphere, AWS, Azure etc that hosts a lot of Workspace ONE edge services: Horizon Proxy, Web Reverse Proxy, Tunnel VPN Gateway, Content Gateway and (since 3.6) the Secure Email Gateway. The challenge is that the thing was built to be headless and super-secure, which means it is almost bare inside. And this is not helpful when troubleshooting.
While watching a VMworld 2019 Session (links at the bottom) I’ve found out that there is actually a hidden tcpdump and ethtool installer, which was first made for our own support services, but is generally available for everyone now.
All you need to do is invoke /etc/vmware/gss-support/install.sh command from the UAG CLI. Of course, it is highly advisable to remove the tools once the troubleshooting is done via /etc/vmware/gss-support/uninstall.sh !
In case you need a refreshed on TCPdump and ETHtool:
- https://hackertarget.com/tcpdump-examples/
- https://danielmiessler.com/study/tcpdump/
- https://www.poftut.com/linux-ethtool-tutorial-usage-examples/
- https://www.linuxjournal.com/content/fun-ethtool
With TCPdump I usually prefer capturing everything into a PCAP file and then loading in WireShark for analysis. Now we only need NetCat to be able to stream it conveniently to a remote host.
That is it for today – enjoy, and let me know if it was helpful!
