Setting up Access Manager Plus over WAN
Set up Access Manager Plus over a wide area network (WAN) to connect to multiple remote systems and benefit from Access Manager Plus's improved scalability. This can be achieved through three different ways; connecting to Access Manager Plus through a cloud server, using a load balancer with a public IP, and using a proxy server to route requests to Access Manager Plus. This document discusses in detail the various methods of setting up Access Manager Plus over a WAN.
Prerequisites:
- A server in which Access Manager Plus is installed. Please refer to the installation guide for detailed steps.
- A public IP address acquired from your service provider, required to expose the Access Manager Plus server over the WAN, or to configure your Firewall/Load balancer to accept external requests.
- A domain DNS name acquired from your service provider that helps your users to use this URL and reach Access Manager Plus over the WAN. An example URL looks like, accessmanagerplus.yourcompany.com.
- Access Manager Plus uses ports 9292 and 9293 for web access. Therefore, if you are using a Cloud server, ensure these two ports are open in the cloud server's Security Group rules/Firewall rules.
Steps Required
There are three ways to expose Access Manager Plus to be accessed over WAN:
1. Using a Cloud Server Platform
1. Using a Cloud Server Platform
If your enterprise is using a cloud service platform such as Microsoft Azure, AWS or Google Cloud, you can use a virtual machine in the cloud server to make Access Manager Plus available over WAN for public use.
- Install Access Manager Plus in one of the virtual machines in the cloud server and enable WAN access in the server.
- Open access to Access Manager Plus ports 9292 and 9293 in the cloud server's Security Group rules/Firewall rules.
Note: Cloud service providers generally offer the provision to enable public access to virtual machines even in free plans.
2. Using a Firewall or a Load Balancer with a Public IP
In case you do not use a cloud service platform, using a load balancer can help with optimizing network traffic across multiple application instances.
Follow the below steps to use a firewall or a load balancer with Access Manager Plus:
- If you have installed Access Manager Plus in an internal server, then configure your load balancer or firewall to accept external access requests.
- Route the external requests to the internal server where Access Manager Plus is installed.
- For example, when your users access the public URL accessmanagerplus.yourcompany.com, the request reaches your load balancer/firewall first. Then, the load balancer or firewall routes the request to your internal server where Access Manager Plus is installed.
To secure this set up further, install your own SSL certificate in the load balancer to keep it secure from the exposed public network.
3. Using Nginx as a Proxy Server
In case you do not use a cloud service platform or a load balancer, you can set up a proxy server using applications such as Nginx to achieve the same result. Applications like Nginx act as a software load balancer.
Follow the below steps to set up Nginx as a proxy server:
- Install Nginx in an external server with a Public IP enabled.
- Configure the Nginx set up to accept external requests.
- Route the requests to your internal server where Access Manager Plus is installed.
You can configure the Nginx server to accept requests in any port and then route it to the internal server ports 9292 and 9293 respectively. Here is a sample Nginx conf file for your reference.
Click here to learn more about how to use Nginx as a load balancer.
The following flow diagram illustrates how Access Manager Plus can be set up to work over WAN with a load balancer or a proxy server using an application like Nginx:
