A.2.1 Prerequisites for Configuring Federation

  • A basic Access Manager configuration with Identity Server and Access Gateway configured for SSL.

    This can be the one you set up using the instructions in either Setting Up a Basic Access Manager Configuration or Sample Configuration for Protecting an Application Through Access Manager. For SSL configuration, see Enabling SSL Communication.

    The Identity Server from this configuration becomes Site B in Figure A-2.

  • A second Identity Server with a basic configuration, an LDAP user store, and SSL. This Identity Server is configured to be Site A in Figure A-2.

  • Time synchronization must be set up on all the machines. Otherwise, authentication can fail if assertions expire before they can be used.

  • A DNS server must be configured to resolve the DNS names of Site A, Site B, and Access Gateways.

  • (Recommended) Logging has been enabled on the Identity Servers of Site A and Site B. See Configuring Logging for Identity Server. Ensure that you enable at least application and protocol (Liberty, SAML 1, or SAML 2.0) logging at an Info level or higher.
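
The time synchronization prerequisite can be illustrated with the validity window of a SAML 2.0 assertion. The following is an added example, not Access Manager code: it evaluates the `NotBefore` and `NotOnOrAfter` conditions of a constructed assertion against receiver clocks that are in sync, fast, and slow. The issuer URL, the five-minute window, the `allowed_skew` parameter, and the function names are assumptions made for illustration; signature validation is out of scope here.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample (hypothetical issuer, 5-minute validity window).
# For untrusted XML, use a hardened parser such as defusedxml instead.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed-example" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Issuer>https://site-a.example.com/idp</saml:Issuer>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z"
                   NotOnOrAfter="2024-01-01T12:05:00Z"/>
</saml:Assertion>
"""

def parse_ts(value):
    """Parse a UTC timestamp with whole seconds, e.g. 2024-01-01T12:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def validity_window(assertion_xml):
    """Return (NotBefore, NotOnOrAfter); either may be None if absent."""
    cond = ET.fromstring(assertion_xml).find("saml:Conditions", SAML_NS)
    if cond is None:
        raise ValueError("assertion has no Conditions element")
    nb, noa = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    return (parse_ts(nb) if nb else None, parse_ts(noa) if noa else None)

def check_assertion(assertion_xml, receiver_now, allowed_skew=timedelta(0)):
    """Evaluate the window as the receiving site sees it on its own clock."""
    not_before, not_on_or_after = validity_window(assertion_xml)
    if not_before and receiver_now + allowed_skew < not_before:
        return "rejected: not yet valid"
    if not_on_or_after and receiver_now - allowed_skew >= not_on_or_after:
        return "rejected: expired"
    return "accepted"

def demo():
    """The assertion arrives 30 seconds after it was issued (true time)."""
    true_now = parse_ts("2024-01-01T12:00:30Z")
    offsets = {"in sync": timedelta(0),
               "6 min fast": timedelta(minutes=6),
               "2 min slow": timedelta(minutes=-2)}
    return {name: check_assertion(SAMPLE_ASSERTION, true_now + off)
            for name, off in offsets.items()}

if __name__ == "__main__":
    for clock, verdict in demo().items():
        print(f"{clock:>10}: {verdict}")
```

A receiver whose clock runs fast sees a fresh assertion as expired, and one whose clock runs slow sees it as not yet valid, even though the assertion is only 30 seconds old.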