ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How do I configure the SiteMinder Access Gateway Server for the HOST and PORTS for the Server?

book

Article ID: 224518

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

If I am adding dedicated IPs to a server that has the Access Gateway on it. Do I need to configure Apache or Tomcat to use that new IP? If so how do I do that? Didn't see it mentioned under the Access Gateway Config section of the documentation.

Environment

Release :R12.8.x

Component :SiteMinder Access Gateway Server

Resolution

The "front-door" of the SiteMinder Access Gateway is "Apache", so what HostName and PORTS Apache binds to or "listens" on is defined in the httpd.conf and the htpd-ssl.conf with the Apache "LISTEN" directive(s). See also the <VirtualHost> directive in the Apache documentation.

Following are Comments on the LISTEN Directive from an httpd.conf file;

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to 
# prevent Apache from glomming onto all bound IP addresses.
#
# Listen with HOSTNAME: PORT used for running SPS on
# IPv4 or pure IPv6 or Dual stack machine
# Incase proper HOSTNAME has not been set, 
# please substitute SERVERHOSTNAME with hostname
# Other option is to comment the Listen Directive given below and
# add Listen <IPv4_IP>:2080 for IPv4 or Listen  [::]:2080 for IPv6
#Listen 2080
#

And following is from an httpd-ssl.conf;


# When we also provide SSL we have to listen to the 
# standard HTTP port (see above) and to the HTTPS port
#
# Listen with HOSTNAME:PORT used for running SPS on
# IPV4 or pure IPV6 or Dual stack machine
# Incase proper HOSTNAME has not be set, 
# please substitute SERVERHOSTNAME with hostname
# Other option is to comment the Listen Directive given bellow and
# add Listen <IPV4_IP>:443 for IPV4 or Listen  [::]:443 for IPV6

Listen "443"


Once Apache is configured, you can then configure your VirtualHosts in the Server.conf for TomCat.

Additional Information

https://httpd.apache.org/docs/2.4/bind.html
https://httpd.apache.org/docs/2.4/vhosts/
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/access-gateway-configuration/configure-the-virtual-host-settings-manually.html