Ensure that the system meets the requirements for Access Gateway.
For information about the requirements, see NetIQ Access Manager System Requirements.
Timeout Per Protected Resource (TOPPR) is enabled and applied in the Access Gateway. In the Administration Console, click Devices > Access Gateways > Edit, then click Enable Timeout Per Protected Resource.
If the Enable Timeout Per Protected Resource option has already been applied, it will not be displayed on the screen.
You have physical access to the server or server console (in case of VMWare setups) as a root user and are familiar with firewall configurations. The required ports must be opened in the firewall. For more information about the ports, see Section 1.8.1, Required Ports.
Ensure that you have migrated all Administration Consoles and Identity Servers before migrating Access Gateway Service.
Back up all customized files.
Verify that the time on the machine is synchronized with the time on Administration Console. If the times differ, Access Gateway Service is not imported to Administration Console.
If a firewall separates the machine and Administration Console, ensure that the required ports are opened. See Table 1-3.
Because Access Gateway Service runs as a service, the default ports (80 and 443) that Access Gateway Service uses might conflict with the ports of other services running on the machine. If there is a conflict, you need to decide which ports each service can use.
Ensure that the following RHEL RPMs are installed on the machine:
ncurses-libs.i686
createrepo
yum-utils
ntp
glibc.i686
nss-softokn-freebl.i686
libgcc.i686
libstdc++.i686
rsyslog.x86_64
rsyslog-gnutls.x86_64
unzip
bind-utils
net-tools
zip
net-snmp
expat
For installing RHEL packages manually, see Installing Packages and Dependent RPMs on RHEL for Access Manager.
NOTE:You can select to install these RPMs automatically along with Access Manager installation. While installing Access Manager, specify N when you get the following prompt:
Enter the local mount directory if you have the OS ISO mounted locally. This will be used as the local catalog for the additional rpms. Do you have a locally mounted ISO (y/n)?
The Access Manager installer checks the online catalog and then installs the required RPMs automatically.
2 to 10 GB hard disk space per reverse proxy that requires caching and for log files. The amount varies with rollover options and the logging level that you configure.
A static IP address and a DNS name. The ActiveMQ module of Access Gateway Service must be able to resolve the machine’s IP address to a DNS name. If the module can’t resolve the IP address, the module does not start.
Other Access Manager components must not be installed on the same machine.