Novell ACCESS MANAGER 3.1 SP2 - ACCESS GATEWAY GUIDE 2010 Manual page 23

2 Specify the hostname that is placed in the HTTP header of the packets being sent to the Web
servers. In the Host Header field, select one of the following:
Forward Received Host Name: Indicates that you want the HTTP header to contain the
published DNS name that the user sent in the request.
Web Server Host Name: Indicates that you want the published DNS name that the user
sent in the request to be replaced by the DNS name of the Web server. Use the Web Server
Host Name field to specify this name.
3 Select Error on DNS Mismatch to have the proxy determine whether the proxy service should
compare the hostname in the DNS header that came from the browser with the DNS name
specified in the Web Server Host Name option. The value in the parentheses is the value that
comes in the header from the browser.
If you enable this option and the names don't match, the request is not forwarded to the Web
server. Instead, the proxy service returns an error to the requesting browser. This option is only
available when you select to send the Web Server Host Name in the HTTP header.
4 If your browsers are capable of sending HTTP 1.1 requests, configure the following field to
match your Web servers:
Enable Force HTTP 1.0 to Origin: Indicates whether HTTP 1.1 requests from browsers are
translated to HTTP 1.0 requests before sending them to the Web server. If your browsers are
sending HTTP 1.1 requests and your Web server can only handle HTTP 1.0 requests, you
should enable this option.
When the option is enabled, the Access Gateway translates an HTTP 1.1 request to an HTTP
1.0 request.
5 To enable SSL connections between the proxy service and its Web servers, select Connect
Using SSL. For configuration information for this option, Web Server Trusted Root, and SSL
Mutual Certificate, see
Servers," on page 115.
6 In the Connect Port field, specify the port that the Access Gateway should use to communicate
with the Web servers. The following table lists some default port values for common types of
Web servers.
Server Type
Web server with HTML content
SSL VPN
WebSphere
JBoss
7 To control how idle and unresponsive Web server connections are handled and to optimize
these processes for your network, select TCP Connect Options. For more information, see
Section 1.6.2, "Configuring TCP Connect Options for Web Servers," on page
8 To add a Web server, click New in the Web Server List and specify the IP address or the fully
qualified DNS name of the Web server.
The Web servers added to this list must contain identical Web content. Configuring your
system with multiple servers with the same content adds fault tolerance and increases the speed
for processing requests. For more information about this process, see
Group of Web Servers," on page
Section 3.4, "Configuring SSL between the Proxy Service and the Web
Non-Secure Port
80
8080
9080
8080
182.
Configuring the Access Gateway to Protect Web Resources
Secure Port
443
8443
9443
8443
70.
Section 6.1, "Setting Up a
23