A basic Access Manager configuration with Identity Server and Access Gateway configured for SSL.
See in Setting Up a Basic Identity Server Cluster Access Manager Appliance Configuration . For SSL configuration, see Enabling SSL Communication.
Identity Server from this configuration becomes Site B in Figure A-2.
A second Identity Server with a basic configuration, an LDAP user store, and SSL. This Identity Server is configured to be Site A in Figure A-2.
Time synchronization must be set up for all the machines, or authentication can fail if assertions expire before they can be used.
A DNS server must be configured to resolve the DNS names of Site A, Site B, and Access Gateways.
(Recommended) Logging has been enabled on Identity Servers of Site A and Site B. See Configuring Logging for Identity Server. Ensure that you enable at least application and protocol (SAML 2.0) logging at an Info level or higher.