manualshive.com logo in svg

Novell Access Manager 3.1 SP2 Beta 1, Manual

Novell Access Manager 3.1 SP2 Beta 1 user manual is available for free download from our website. This manual provides detailed instructions and guidelines on how to effectively utilize the features of the product. Download the manual now and enhance your experience with Novell Access Manager.

Share
Download
background image

Access Manager 3.1 SP2 Beta 1 Scenarios

21

no

vd

ocx 

(e

n)

  

17

 Sep

te

m

be

r 20

09

Š

You have installed and configured 3.1 SP2 version of the Identity Server. For installation 
information, see the 

Access Manager Installation Guide

 (http://www.novell.com/

documentation/beta/novellaccessmanager31/installation/data/bookinfo.html)

.

Š

You have installed and configured 3.1 SP2 version of the ESP-enabled SSL VPN server. For 
installation and configuration information, see the 

SSL VPN Server Guide 

 (http://

www.novell.com/documentation/beta/novellaccessmanager31/sslvpn_serverguide/data/)

.

4.7.2  Known Issues 

None.

4.7.3  Procedure

1

Log in to the Administration Console.

2

Select the ESP-enabled SSLVPN server, then click 

Edit

3

Select 

Authentication Configuration

.

4

Specify details of the Embedded Service Provider Base URL.
For this beta scenario, select HTTP and specify port 80.

5

Select the 

Enable Port Translation

 option.

6

In the 

To

 field, specify the port Tomcat listens on. 

For this beta scenario, specify 8080.

7

Click 

OK

 twice, then update the SSL VPN server.

8

From a client, establish a SSL VPN connection using port 80.
The operating system translates the request for port 80 to port 8080 before sending it to Tomcat.

4.7.4  Test Results 

An SSL VPN client can connect using port 80 rather than port 8080.

4.7.5  Troubleshooting Tips 

Run the 

iptables

 command on the SSL VPN server and verify that the proper port translation 

entries are available.

5  Documentation Conventions

In this documentation, a greater-than symbol (>) is used to separate actions within a step and items 
in a cross-reference path.

A trademark symbol (

®

TM

, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party 

trademark

Summary of Contents for Access Manager 3.1 SP2 Beta 1

Page 1: ...The SLES 11 version of the Access Gateway Appliance supports newer hardware and SLES 11 is a supported operating system that provides security updates The previous version of the Access Gateway Appli...

Page 2: ...cess Gateway Appliances in a cluster from 3 0 SP4 to 3 1 SP2 and use the timeout per protected resource feature 1 2 1 Assumptions Your current Access Manager setup has a 3 0 SP4 IR4 version of the Adm...

Page 3: ...figuration at the Identity Server 4b Apply the changes to the Linux Access Gateway Appliance cluster The timeout per protected resource feature is enabled on the Linux Access Gateway Appliances 5 If y...

Page 4: ...ce from the network 4 Install the SLES 11 version of the Access Gateway Appliance For installation instructions see Installing the Linux Access Gateway Appliance http www novell com documentation beta...

Page 5: ...C1 using the Name Password Form method Set the authentication timeout value to 15 minutes and set the Activity realm to test 2 At the Access Gateway create protected resource PR1 and assign C1 to it 3...

Page 6: ...signing a Timeout Per Protected Resource http www novell com documentation beta novellaccessmanager31 accessgatehelp data prlist html bmn94qo 2 1 2 Known Issues None 2 1 3 Procedure 1 Create a new aut...

Page 7: ...13 Go back to the page on protected resource PR1 Access should still be allowed The user has not been inactive so the activity has kept the session to PR1 active 14 Access the page on protected resou...

Page 8: ...t confusion all authentication contracts should be assigned the default session timeout if the Any Contract option is used 2 2 Unique Activity Realms The purpose of this scenario is to introduce you t...

Page 9: ...e PR2 9 Update the Access Gateway 10 Access a page on protected resource PR1 from a client browser You should be prompted to authenticate 11 Access a page on protected resource PR2 with the same brows...

Page 10: ...ct option To prevent authentication timeout confusion all authentication contracts should be assigned the default session timeout if the Any Contract option is used 3 Access Gateway Service Scenarios...

Page 11: ...s use one of the basic configuration scenarios from the Setup Guide http www novell com documentation beta novellaccessmanager31 basicconfig data bookinfo html To use an existing Web server see Config...

Page 12: ...edure 1 Log in to the Administration Console then click Devices SSL VPNs Edit 2 Click Client Integrity Check Policies 3 Create new policies for different operating systems For example 3a Select Window...

Page 13: ...ager 3 1 SP2 provides an option in the Administration Console to control the desktop cleanup options for the SSL VPN users You can configure the following client cleanup options Clear Browser Private...

Page 14: ...ption provided by OpenVPN to authenticate the client before OpenVPN negotiation is initiated It means that the first packet from the OpenVPN client to the OpenVPN server contains the HMAC signature Th...

Page 15: ...ell sslvpn hmac key file holds the same HMAC key as in the config xml file After regenerating the key the time stamp should change appropriately The config xml file and the hmac key file should be upd...

Page 16: ...following A single host IP address such as 192 168 45 1 A range of IP addresses in the same subnet such as 192 168 46 8 192 168 46 21 A network or mask such as 192 168 47 0 255 255 255 0 A full tunnel...

Page 17: ...bookinfo html Kiosk mode is not supported on 64 bit Windows clients 4 5 2 Known Issues In a Windows 7 32 bit client the Internet Explorer 8 browser cannot be used in the Kiosk mode to access HTTP dat...

Page 18: ...session and verify that the client cleanup options are enforced by verifying the browser private data and Java cache 4 5 4 Test Results for New Client Operating Systems In each of the clients the brow...

Page 19: ...ity check enforcement for the application definition type of AbsoluteFile has been extended to use MD5 checksum With this change you can now use the file name as well as the MD5 checksum value of the...

Page 20: ...e file on the client is the same as the definition on the SSL VPN server 4 6 6 Troubleshooting Tips If you initially had a file whose MD5 checksum was calculated on the SSL VPN server then the file wa...

Page 21: ...4 Specify details of the Embedded Service Provider Base URL For this beta scenario select HTTP and specify port 80 5 Select the Enable Port Translation option 6 In the To field specify the port Tomcat...

Page 22: ...r import deliverables You agree not to export or re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agre...

Reviews:

No comments

Related manuals for Access Manager 3.1 SP2 Beta 1

Panasonic PT-D10000 Series Setup And Operation Manual preview
PT-D10000 Series
Brand: Panasonic Pages: 37
TANDBERG Movi 3.0 Reference Manual preview
Movi 3.0
Brand: TANDBERG Pages: 66
TANDBERG Content Server None User Manual preview
Content Server None
Brand: TANDBERG Pages: 14
Blackberry MAIL - BROWSING SMARTPHONE User Manual preview
MAIL - BROWSING SMARTPHONE
Brand: Blackberry Pages: 25
Genesys Hosted Provider Edition (HPE) 8.1 Product Availability Announcement preview
Hosted Provider Edition (HPE) 8.1
Brand: Genesys Pages: 5
Amazon VBA Manual preview
VBA
Brand: Amazon Pages: 60
Tascam HS-P82 Release Note preview
HS-P82
Brand: Tascam Pages: 6
Spectra Logic Spectra nTier500 User Manual preview
Spectra nTier500
Brand: Spectra Logic Pages: 112
Cyber Sciences CyTime EM-100 Quick Start Manual preview
CyTime EM-100
Brand: Cyber Sciences Pages: 2
LEI Extras MapCreate Canada 6.3 Addendum preview
MapCreate Canada 6.3
Brand: LEI Extras Pages: 1
FieldServer FS-8700-41 Driver Manual preview
FS-8700-41
Brand: FieldServer Pages: 48
Autodesk 18507-051452-9325 - UPG ARCH DESKTOP 2007 Installation Manual preview
18507-051452-9325 - UPG ARCH DESKTOP 2007
Brand: Autodesk Pages: 104
Access VIRUS|POWERCORE User'S Reference Manual preview
VIRUS|POWERCORE
Brand: Access Pages: 124
Xerox DocuColor 250 Online Help Manual preview
DocuColor 250
Brand: Xerox Pages: 378
Canon CanoScan FB620P User Manual preview
CanoScan FB620P
Brand: Canon Pages: 36
AVG Anti-Virus Free Edition 2011 User Manual preview
Anti-Virus Free Edition 2011
Brand: AVG Pages: 141
AVG 8.5 ANTI-VIRUS PLUS FIREWALL User Manual preview
8.5 ANTI-VIRUS PLUS FIREWALL
Brand: AVG Pages: 175
AVG ANTI-VIRUS BUSINESS EDITION 9.0 - REV 90.6 User Manual preview
ANTI-VIRUS BUSINESS EDITION 9.0 - REV 90.6
Brand: AVG Pages: 245

Brands by name

Popular brands

Load more brands