[THIN] Re: 2 Access Gateways different default logon points?
- From: "peter_dibbens" <peter_dibbens@xxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Mon, 16 Mar 2009 20:46:38 +1000
Hi Steve,
So in the example (please see my response to Jamie) I had 4 CAGS and 4 AAC
Servers all belonging to the same AAC farm. However 2 CAGS were internet
facing and 2 were Extranet facing (business 2 business and therefore semi
trusted) the extranet facing CAG's hosted the single factor logon point and
it was never deployed to the Internet facing CAG's. It would be exactly the
same if you has 2 CAG's to 1 AAC Server.
Thanks PeterD
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Steve Greenberg
Sent: Monday, 16 March 2009 12:49 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: 2 Access Gateways different default logon points?
Peter,
Are you saying in this case that both CAGs will point to the same AAC server
but that the landing page will re-direct them selectively to a new landing
page based on the MAC address of that CAG? That is slick!!
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85266
(602) 432-8649
www.thinclient.net
steveg@xxxxxxxxxxxxxx
_____
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of peter_dibbens
Sent: Sunday, March 15, 2009 3:42 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: 2 Access Gateways different default logon points?
Hi,
Simply put you can't segregate the CAGs within AAC they will be treated as
a single entity. Also if both the CAGs are using different FQDNS (likely)
then that can cause issues with the Secure Access Client.
However all said and done I have had to make this work for a larger customer
in the past. The way around it is to add some code to the basepage.aspx to
detect the mac address of the CAG i.e the one you may want the logon point
to be displayed upon.
There are other potentials ways that this could be achieved by say third
party load balances or even NetScaler.
If you want the code for basepage.aspx let me know.
The reason this was implemented was to allow internet facing logon point RSA
2 Factor internal Logon point Single Factor.
Thanks Peter
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of James Scanlon
Sent: Saturday, 14 March 2009 1:32 PM
To: Thin
Subject: [THIN] 2 Access Gateways different default logon points?
Greetings again all you fabulous list legends!
Quick one hopefully!?
I have 2 Gateway Devices both pointing to the same AAC server.
I want to have 1 gateway device support LDAP and RSA (its available
externally)
I want the other to have just LDAP (its only available internally)
From what I can tell the advanced authentication methods can only be setup
per logon point, however I cant find a way to have 2 different CAGS point to
different default logon points (under the same AAC server)
Am I missing something really simple?
Cheers and best wishes
James
_____
Let ninemsn property help. Need a new place to rent, share or buy?
<http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Edomain%2Ecom%2Eau
%2F%3Fs%5Fcid%3DFDMedia%3ANineMSN%5FHotmail%5FTagline&_t=774152450&_r=Domain
_tagline&_m=EXT>
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.278 / Virus Database: 270.11.13/2000 - Release Date: 03/13/09
18:00:00
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.278 / Virus Database: 270.11.13/2001 - Release Date: 03/14/09
06:54:00
Other related posts:
