First Firewall: If you place a firewall between browsers and Access Gateway and Identity Server, you need to open ports so that browsers can communicate with Access Gateway and Identity Server and Identity Server can communicate with other identity providers.
For information about ports required to open in the first firewall, see First Firewall
in the NetIQ Access Manager CE 24.2 (v5.1) Installation and Upgrade Guide.
Second Firewall: The second firewall separates web servers, LDAP servers, Analytics Server, and Administration Console from Identity Server and Access Gateway.
For information about ports required to open in the second firewall, see Second Firewall
in the NetIQ Access Manager CE 24.2 (v5.1) Installation and Upgrade Guide.