Novell ACCESS MANAGER 3.1 SP1 - GATEWAY GUIDE Manual page 83

An Access Gateway usually processes HTTP requests in order to fill them. However, it is not
unusual that some of the traffic coming through the gateway is not HTTP-based. Web servers
sometimes handle Telnet, FTP, chat, or other kinds of traffic without attempting to process it. If your
Web servers are handling this type of traffic, you should set up a tunnel for it.
Reverse proxies and tunnels cannot share the same IP address and port combination. You can either
configure a reverse proxy for an IP address and port or a tunnel for that IP address and port.
To set up a tunnel:
1 In the Administration Console, click Devices > Access Gateways > Edit > Tunneling.
2 Click New, enter a display name for the tunnel, then click OK.
3 Fill in the following fields:
Enable Tunnel: Specifies that the Access Gateway should set up a tunnel for all incoming
traffic. This option must be enabled to configure a tunnel.
Tunnel SSL Traffic Only: Allows you to configure the Access Gateway to tunnel only SSL
traffic. If this option is selected, the Access Gateway verifies that the address and port being
accessed are actually an SSL Web site. If verification fails, the service tears down the
connection. The SSL port number for the SSL tunnel is specified via the Listening Port and the
Connect Port.
Published DNS Name: Specify the DNS name you want the public to use to access your
tunnel or the virtual IP address assigned to the Access Gateway cluster by the L4 switch. If you
specify a DNS name, the DNS name must resolve to the IP address you set up as the listening
address for the tunnel.
4 Configure the communication options between the browsers and the tunnel by configuring the
following fields:
Server Configuration Settings 83