Novell Doc: Novell Access Manager 3.0 SP4 Quick Starts

2.2 First Reverse Proxy Configuration

This section explains how to create a reverse proxy to protect the name and IP address of your Web server from being exposed to users. Section 2.3, Configuring the Protected Resource for Authentication builds on this configuration and explains how to require authentication to gain access to the Web server.

What You Need To Know		Example	Your Value
Name of the Identity Server cluster		idpa	_______________________
DNS name of the Access Gateway		lag.test.novell.com	______________________
Web server information
	IP address	10.10.16.16	______________________
	DNS name	digital.test.novell.com	______________________
Names you need to create
	Reverse proxy name	DigitalAirlines	________________________
	Proxy service name	DA	________________________
	Protected resource name	everything	________________________
For more information, see Configuring the Access Gateway in the Novell Access Manager 3.0 SP4 Setup Guide.

In the Administration Console, click the Access Gateways task.
Click Edit, then click Reverse Proxy/Authentication.
Configure a reverse proxy:
- In the Authentication Settings section, select idpa from the drop-down list.
- In the Reverse Proxy section, click New, specify DigitalAirlines, then click OK.
To configure a proxy service, click New in the Proxy Service section, then fill in the following fields:

Proxy Service Name: DA

Published DNS Name: lag.test.novell.com

Web Server IP Address: 10.10.16.16

Host Header: Select the Web Server Host Name from the drop-down list.

Web Server Host Name: digital.test.novell.com
Click OK, then configure a protected resource.
- Click the Protected Resource tab.
- In the Protected Resource section, click New, then specify everything.
- In the URL Path section, examine the path. It should be set to /* which matches everything on the Web server.
Click OK to save the configuration.
Click the Access Gateways task, then click Update.

Wait for the health status to turn green. If it doesn’t turn green, click the Health icon to discover the cause.
- If the Access Gateway cannot connect to the Web server, verify the IP address of the Web server.
- Use the ping command to verify that the Access Gateway can communicate with the Web server and the Identity Server.
- Verify that the Access Gateway can resolve the DNS name of the Identity Server.
- For other problems, see Monitoring the Health of an Access Gateway in the Novell Access Manager 3.0 SP4 Administration Guide.
Click the Identity Servers task, then click Update.
To test that the Access Gateway is protecting the Web server, open a browser and enter the following URL:
```
http://lag.test.novell.com:80/
```
The first page of the Web server is displayed. If you get an error, verify the following:
- Check the times on the Access Gateway and the Identity Server. Their times need to be synchronized.
- Verify that the browser machine can resolve the DNS name of the Access Gateway.

IMPORTANT:Please provide feedback on this document by using the Add Comment link at the bottom of each page. We need to know whether it provides the right amount of information (too much? too little?) to get the Access Gateway configured.