The access point is the gatekeeper for all resource and access requests. It interacts with the policy service to validate queries and authorize access. You can set up several access points, to handle situations with large numbers of access requests (load balancing).The access point functionality can be divided into web access and access via the Digital Access Client.
The web access supports a secure connection to information that is presented in HTML format in standard web browsers.
By using the access client, secure access is enabled from more advanced TCP/IP clients such as Telnet. For more information, see Digital Access Client.
A first access point was added during setup of the Hybrid Access Gateway system, see Deploy Hybrid Access Gateway and do initial setup. To change this setting or to add another access point, use the instructions on this page.
How does the access point function?
Users can connect to the access point through any standard browser supporting SSL 3.0.
The access points can operate in any network that supports TCP/IP with ports open for both HTTP and SSL. OpenSSL algorithms are supported, with no limitation of key lengths.
The access point supports a number of authentication methods used to identify and verify identification of users.
Advanced access control is implemented in the access point. The access control is performed in conjunction with a firewall and the access control in internal systems.
The access points provide for validation of digital signatures when integrated with a Public Key Infrastructure (PKI) solution.
The session to the client is handled by the use of cookies. Cookies generated from internal systems are never passed on from the access point to the client.
Prerequisites
Prerequisites for load balancing
The user must add multiple access points and add Load balancing listener in order to configure mirroring of access points in Configure Load Balancing page.
To add load balancing listener:
Go to each registered access point and click Add Additional Listener...
Enter details and select Type as "Load Balance".
Click Add when done.
Step-by-step instruction
Log in to Hybrid Access Gateway administration interface
Log in to the Hybrid Access Gateway administration interface with your admin user.
Add access point
In the Hybrid Access Gateway administration interface, go to Manage System.
Click Access Points > Add Access Point...
Enter settings for the access point. For more information, click the ?-sign.
When finished, click Add.
Set up and configure an access point
In the Hybrid Access Gateway administration interface, go to Manage System.
Click Access Points.
Select the access point that you want to configure in the list of registered access points.
Edit the settings for the access point. For more information, click the ?-sign.
Click Save when done.
Edit global access point settings
In the Hybrid Access Gateway administration interface, go to Manage System.
Click Access Points > Manage Global Access Point Settings.
Enter settings for Performance, Cipher Suites (see below), and make advanced settings, for example, Session Control, Cookie Persistance and Client Access.
Click Save when done.
Check supported cipher suites
In the Hybrid Access Gateway administration interface, go to Manage system > Access Point.
Click Manage Global Access Points Settings and select the Cipher Suites tab.
Make sure that these cipher suites are in the list of supported cipher suites, or else add them to the list: ECDHE_RSA_AES_128_CBC_SHA ECDHE_RSA_AES_128_CBC_SHA256 ECDHE_RSA_AES_128_GCM_SHA256 ECDHE_RSA_AES_256_CBC_SHA ECDHE_RSA_AES_256_CBC_SHA384 ECDHE_RSA_AES_256_GCM_SHA384 RSA_AES_128_GCM_SHA256 RSA_AES_256_GCM_SHA384
Click Save.
Configure load balancing
In the Hybrid Access Gateway administration interface, go to Manage System.
Click Access Points > Configure Load Balancing...
Enter settings for load balancing. For more information, click the ?-sign.
For Mirrored Access Points, select any two access points to be mirrored along with load balancing listener.