DMZ Configuration with Access Manager

Problem

A Forum reader recently asked:

"I am setting up NAM in the lab, with the configuration of the Identity Server and Access Gateway in the DMZ. I am not experienced in this type of setup, since we currently have iChain on the inside of the network, so this is going to be a completely different setup.

The IDP server in the illustration of the "Setting Up Firewalls" section of the setup guide appears to have TWO NICS, and the Access Gateway appears to be set up that way. Or is this illustration indicating that the IDP server has a hole in the firewall to communicate to the LDAP server, and a hole in the firewall to communicate with the Administration Console? I assume the LAG has to have two NICS, one for outside communication and the other for reverse proxies - correct?"

And here's the response from Ben Walter ...

Solution

You could use physical interfaces to do the segregation, but it'd be easier and cheaper to have the firewall doing all the port routing and restrictions.

Required ports between components are well documented in the official NetIQ Documentation.

AM3_Traffic.gif

That shows most ports used between AM3 components.

Comments
I get not found error. Thanks
The original (old cools) link points to a Novell site in NZ and the link is no longer valid.
If anyone has AM3_Traffic.gif, can you please send it to Coolguys so this can be updated?
Or at least send a link of where it is.

This was a really good NAM map and I've lost mine.

Thanks,
Mike...
Last update: 2020-01-31 11:32