2.2 First Reverse Proxy Configuration

This section explains how to create a reverse proxy to protect the name and IP address of your Web server from being exposed to users. Section 2.3, Configuring the Protected Resource for Authentication builds on this configuration and explains how to require authentication to gain access to the Web server.

Table 2-2 Access Gateway Configuration Information

What You Need To Know

Example

Your Value

Name of the Identity Server cluster

idpa

_______________________

DNS name of the Access Gateway

lag.test.novell.com

_______________________

Web server information

 

 

IP address

10.10.16.16

_______________________

DNS name

digital.test.novell.com

_______________________

Names you need to create

 

 

 

Reverse proxy name

DigitalAirlines

_______________________

 

Proxy service name

DA

_______________________

 

Protected resource name

everything

_______________________

For more information, see Configuring the Access Gateway in the Novell Access Manager 3.1 SP2 Setup Guide.

  1. In the Administration Console, click Devices > Access Gateways.

  2. Click Edit, then click Reverse Proxy/Authentication.

  3. Configure a reverse proxy:

    • In the Authentication Settings section, select idpa from the drop-down list.

      In Table 2-2, this is the sample name of the Identity Server cluster.

    • In the Reverse Proxy section, click New, specify DigitalAirlines, then click OK.

      In Table 2-2, DigitalAirlines is the sample reverse proxy name.

  4. To configure a proxy service, click New in the Proxy Service section, then fill in the following fields:

    Proxy Service Name: DA

    In Table 2-2, DA is the sample proxy service name.

    Published DNS Name: lag.test.novell.com

    In Table 2-2, this is the sample DNS name of the Access Gateway.

    Web Server IP Address: 10.10.16.16

    In Table 2-2, this is the sample IP address of the Web server.

    Host Header: Select the Web Server Host Name from the drop-down list.

    Web Server Host Name: digital.test.novell.com

    In Table 2-2, this is the sample DNS name of the Web server.

  5. Click OK, then configure a protected resource.

    • Click the Protected Resource tab.

    • In the Protected Resource section, click New, then specify everything.

      In Table 2-2, everything is the sample protected resource name.

    • In the URL Path section, examine the path. It should be set to /* to match everything on the Web server.

  6. Click OK to save the configuration.

  7. Click the Access Gateways task, then click Update.

    Wait for the health status to turn green. If it doesn’t turn green, click the Health icon to discover the cause.

  8. Click the Identity Servers task, then click Update.

  9. To test that the Access Gateway is protecting the Web server, open a browser and enter the following URL:

    http://lag.test.novell.com:80/
    

    The first page of the Web server is displayed. If you get an error, verify the following:

    • Check the times on the Access Gateway and the Identity Server. Their times need to be synchronized.

    • Verify that the browser machine can resolve the DNS name of the Access Gateway.