The Access Gateway has two processes that can be stopped and started: the Access Gateway and the Embedded Service Provider within the Access Gateway. Normally, you do not need to stop and start these services. However, if you need to change certain configuration options, you can be prompted to update the Access Gateway or to restart the Embedded Service Provider.
The following sections explain how to update, stop, start, and schedule a restart of the various Access Manager components:
When a configuration change has been made, but not applied, the Access Gateway is in an status on the Access Gateways page. If the Access Gateway is a member of a cluster, the cluster is in an status. You can click to apply the configuration change to a single Access Gateway or to apply the configuration change to all members of a cluster.
If the changes have been saved to browser cache, but not to the configuration store, the changes are lost if your session times out before you apply the changes. The Access Gateway remains in an status, but when you click , there are no changes to apply. If you prefer to update members of a cluster one at a time, it is best to save the changes to the configuration datastore before applying them. Click , then click .
When you click , three options are displayed:
When you have modified services of the Access Gateway, the update option for is available. Depending upon what has been modified, updating might cause logged in users to lose data and their connections.
When the ESP logging settings have been modified on the Identity Server, the update option for is available. The option causes no interruption in services.
If a policy is modified that the server has enabled for a protected resource or a protected resource has a policy enabled or disabled and the policy changes are the only modifications that have occurred, the update option for is available. The Policy Settings option causes no interruption in services.
When you make the following configuration changes, the option is the only option available and your site will be unavailable while the update occurs:
The Identity Server configuration that is used for authentication is changed. To access this option, click > > then select a different value for the option.
A different reverse proxy is selected to be used for authentication. To access this option, click > > , then select a different value for the option.
The protocol or port of the authenticating reverse proxy is modified. To access this option, click > > > , then change the SSL options or the port options.
The published DNS name of the authentication proxy service is modified. To access this option, click > > > > , then modify the option.
To stop and start the Access Gateway service provider:
In the Administration Console, click > , select the Access Gateway, then click .
Click > , then click .
In a few seconds, the icon of the Access Gateway should turn green.
When an Access Gateway is removed from a cluster configuration, the Embedded Service Provider is stopped. It should remain stopped until you have reconfigured the Access Gateway. When you have finished the reconfiguration, you should start the Embedded Service Provider.
In the Administration Console, click > , select the Access Gateway, then click .
Click > , then click .
In a few seconds, the Health icon of the Access Gateway should turn green.
Stopping the Embedded Service Provider is a quick way to make the Access Gateway inaccessible to users.
In the Administration Console, click > , select the Access Gateway, then click .
Click > , then click .
In a few seconds, the status icon of the Access Gateway should turn red.
For a Gateway Appliance, the Restart option is really a reboot option. The Access Gateway is stopped, the operating system is rebooted, then the Access Gateway is started.
In the Administration Console, click > , select the Access Gateway.
Click .
In a few minutes, the status icon of the Access Gateway should turn green.
Rebooting the Access Gateway makes all protected resources unavailable until the Access Gateway returns to a server status of green. Scheduling this event allows you to pick the best time for your resources to be momentarily unavailable.
In the Administration Console, click > , select the Access Gateway, then click .
Click .
The following field displays information about the command you are scheduling.
Type: Displays the type of command that is being scheduled, such as .
Fill in the following fields:
Name Scheduled Command: (Required) Specifies a name for this scheduled command. This name is used in log and trace files.
Description: (Optional) Provides a field to describe the reason for the command.
Date & Time: The drop-down menus allow you to select the day, month, year, hour, and minute when the command should execute.
Click .
You should stop the Access Gateway Appliance only when you plan to turn off the power. After you have stopped the Access Gateway Appliance, you must have physical access to the machine to start it.
In the Administration Console, click > , select the Access Gateway, then click .
To confirm the shutdown, click .
The machine is physically turned off.
Scheduling a shutdown allows you to pick the best time for the Access Gateway to be unavailable.
In the Administration Console, click > , select the Access Gateway, then click .
Click .
The type field displays information about the command you are scheduling, such as
Fill in the following fields:
Name Scheduled Command: (Required) Specifies a name for this scheduled command. This name is used in log and trace files.
Description: (Optional) Provides a field to describe the reason for the command.
Date & Time: The drop-down menus allow you to select the day, month, year, hour, and minute when the command should execute.
Click .
The machine is turned off when the scheduled command executes.