Unified Access Gateway 2312 | 30 JAN 2024

Check for additions and updates to these release notes.

VMware Unified Access Gateway appliance helps enable secure remote access for virtual desktops, internal sites, applications, and file repositories users. To learn more, see Unified Access Gateway Documentation.

VMware Unified Access Gateway Release Notes provides information about the new features and enhancements in each release. This page contains a summary of the new capabilities, issues resolved, and known issues that are reported in each version.

IMPORTANT NOTES

  • SHA-1 as a thumbprint hash algorithm for certificate validations in outbound TLS connections is now deprecated. The default minimum supported thumbprint hash algorithm is now SHA-256. While SHA-1 can still be explicitly configured if necessary, this is not recommended. The MD5 algorithm is no longer supported.

  • HTTP headers Host and X-Forwarded-Host are now validated by default against two allow lists of permitted host headers:

    • A list that is dynamically computed based on network configurations, Edge Service settings and High Availability settings.

    • An explicitly configured list.

  • When URL thumbprint validation is not used, hostname verification on the server certificate is now enabled by default for outbound TLS connections.

See KB 96373 for more details.

What's New

VMware Unified Access Gateway 2312 provides the following new features and enhancements:

  • TLS 1.3 is now supported in FIPS mode. Note that Connection Server 2312 does not yet support TLS 1.3, and TLS 1.2 should still be enabled until a future Connection Server release.

  • Introduced communityName parameter for SNMPv1+SNMPv2 configuration

  • SAML identity provider metadata (used for supporting Horizon client user authentication) can now be viewed, edited, and deleted from Admin UI and REST API.

  • The metadata for the Identity Provider information can now be edited and deleted within the Admin UI.

  • Details of the TLS certificate installed on admin and internet interfaces can now be viewed on the Admin UI.

  • Added option to set DisableHTMLAccess for Horizon Settings during PowerShell deployment. This may be used to block browsers from accessing Horizon virtual desktops and applications.

  • Added configuration headersToBeLogged for adding specific HTTP headers to be included in default log level. This parameter may be used to specify headers like X-Forwarded-For to be added to the esmanager.log.

  • Enhanced adminreset command to support configuration of allowed host headers

  • Disk space usage statistics are now collected periodically and included in the log archive for troubleshooting purposes.

  • Log level can now be modified on a single Tunnel server.

    Example: vpnreport log --level=3 --duration=30

    Duration: Time in minutes.

    This command reverts the log level to the default value: vpnreport log --clear

    Level:

    1

    Error

    2

    Warning

    3

    Information

    4

    Debug

  • vpnstats now report MFA information. The following items are added: MFA enablement and JWT enablement status.

  • Logging improvements.

  • Updates to Photon OS package versions and Java versions.

Before You Begin

Resolved Issues

Note: The numbers included before the resolved issues are used by VMware's internal issue tracking system.

  • PPAT-144460: Test Connection does not report server health if outbound proxy is unreachable from Tunnel server

Known Issues

We have not identified any notable known issues in this release. If you are facing any problems, reach out to our support team.

Documentation

Documentation for VMware Unified Access Gateway is located at VMware Docs.

Internationalization

The Unified Access Gateway user interface, online help, and product documentation are available in Japanese, French, German, Spanish, Brazilian Portuguese, Simplified Chinese, Traditional Chinese, and Korean.

Support Contact Information

To receive support, access VMware Customer Connect. To learn more about the support policies, see Support Policies.

For information about filing a Support Request in Customer Connect and using Cloud Services Portal, see the VMware Knowledge Base (KB) article 2006985.

check-circle-line exclamation-circle-line close-line
Scroll to top icon