Configuring IAG trunks in the resource provider organization

Applies To: Intelligent Application Gateway (IAG)

Note

Before you start the configuration process, log on to Microsoft® Windows® with full administrator privileges.

This section describes IAG configuration in the resource provider organization.

You need to configure two types of trunks:

  • A portal trunk for application access (it is possible to create more than one portal trunk, for example, when you want to use a different external address for different partners).

  • A trunk for Federation Server Proxy (FS-P) replacement.

To create an IAG portal trunk by using IAG Configuration

  1. On the computer running the IAG, click Start, select All Programs, select Whale Communications IAG, and then click Configuration. Enter your password, and then click OK.

  2. In the Configuration program, in the List section, select and right-click HTTPS Connections, and then select New Trunk.

  3. In the Create New Trunk wizard, select Portal Trunk, and then click Next.

  4. Follow the instructions in the wizard. For details, click Help. When you reach the Authentication window, do the following:

    1. In the Authentication page, click Add.

    2. On the Authentication and User/Group Servers page, click Add.

    3. On the Add Server page, in the Type box, select Active Directory. This server is used by the federation server for authentication.

    4. On the Add Server page, in the Name box, type adfs.
      Enter all other parameters as required, and then click OK.

    5. In the Authentication and User/Group Servers list box, select the adfs authentication server, and then click Select. The authentication server is added to the list of servers in the Authentication window.

      Click Next.

    6. When you complete the wizard, click Finish. The wizard closes. The new trunk that you created appears in the List section, and the Configuration section displays the trunk’s parameters.

  5. In the Configuration section, next to Advanced Trunk Configuration, click Configure. The Advanced Trunk Configuration dialog box is displayed.

  6. In the Advanced Trunk Configuration dialog box, click the Authentication tab.

  7. In the Authentication tab, perform the following steps, and then click OK:

    1. In the Login Page box, type ADFS/login.asp

    2. In the On-the-Fly Login Page box, type ADFS/login.asp

    3. In the Logoff URL box, type /InternalSite/ADFS/LogoffMsg.asp

    4. Clear the Enable Users to Add Credentials On-the-Fly check box.

    5. Clear the Enable Users to Manage Their Credentials check box.

  8. In the Configuration section, under Applications, double-click Whale Portal. This is a default application.

  9. On the Application Properties dialog box, click the Web Servers tab, and then in the HTTPS Ports box, enter Auto.

  10. On the Application Properties dialog box, click the portal Links tab, and then in the Application URL box, change the URL from HTTP to HTTPS.

  11. Click OK. You are prompted to confirm this action. Click OK again.

  12. In the Applications area of the Configuration section, under the list of application names, click Add, or double-click an empty line.

  13. Follow the instructions in the Add Application wizard. For details, click Help. When you complete the wizard, click Finish. The Add Application wizard closes, and the application that you defined appears in the Applications area of the Configuration section.

  14. Repeat steps 12-13 to add all of the applications that you want to enable via the portal.

To create the IAG FS (FS-P replacement) trunk by using IAG Configuration

  1. On the IAG, click Start, select All Programs, select Whale Communications IAG, and then click Configuration. Enter your password, and then click OK.

  2. In the IAG Configuration program, in the List section, select and right-click HTTPS Connections, and then select New Trunk.

  3. Follow the instructions in the Create New Trunk wizard. For details, click Help.

    1. On the Select Trunk Type page, select Webmail Trunk, and then click Next.

    2. On the Webmail Application page, select the AD Federation Server check box, and then click Next.

    3. On the Setting the Trunk page, enter the parameters as required, and then click Next.

    4. On the Authentication page, select the AD server that you created in the portal trunk configuration, and then click Next.

    5. On the Certificate page, in the Server Certificate drop-down list, select a certificate, and then click Next.

    6. On the Application Server page, in the IP Address box, type the IP address of the federation server.

    7. In the HTTP Port box, type the federation server listener port (the default is 443), and then select the Is SSL check box.

      Follow all of the consecutive steps until you complete the wizard, and then click Finish. The wizard closes. The new trunk that you created appears in the List section, and the Configuration section displays the trunk’s parameters.

  4. In the Configuration section, next to Advanced Trunk Configuration, click Configure.

  5. On the Advanced Trunk Configuration dialog box, click the Authentication tab.

  6. On the Authentication tab, clear the Authenticate User on Session Login check box.

  7. On the toolbar of the IAG Configuration program, click Activate configuration. In the Activate Configuration dialog box, click Activate.