Novell INTELLISYNC MOBILE SUITE 7.0 SECURE GATEWAY Administrator’s Guide
Version 7 . 0
April 2006
Intellisync Mobile Suite
Secure Gateway Administrator’s Guide
PUBLISHED BY:
Nokia Enterprise Solutions
200 North Point Center East, Suite 600
Alpharetta, GA 30022
Copyright © 2006 Nokia. All rights reserved worldwide. Nokia and Nokia Connecting People are registered
trademarks of Nokia Corporation. Intellisync and Intellisync logo are trademarks of Nokia Corporation. Other
trademarks mentioned are the property of their respective owners. Nokia operates a policy of continuous
development. Therefore we reserve the right to make changes and improvements to any of the products described in
this document without prior notice. No part of this publication may be reproduced, transmitted, transcribed, stored in
a retrieval system, or translated into any human or computer language in any form or by any means without the
express written permission of:
Nokia Enterprise Solutions
Information Development
200 North Point Center East, Suite 600
Alpharetta, GA 30022
This publication is provided as is without warranty of any kind, express or implied, including, but not limited to, the
implied warranties of merchantability, fitness for a particular purpose, or non-infringement.
This publication could include technical inaccuracies or typographical errors. Changes are made periodically to the
information herein. These changes will be incorporated in new editions of the publication. Nokia may make
improvements and/or changes at any time to the product(s) and/or the program(s) described in this publication.
Synchrologic, Mobile Suite, RealSync, and Intellisync are tradem arks of Nokia Corporation.
Acrobat Reader® Copyright 1987–2006 Adobe Systems Incorporated. All rights reserved. Adobe and Acrobat are
trademarks of Adobe Systems Incorporated which may be registered in certain jurisdictions.
3Com, Palm Computing, and HotSync are registered trademarks, and Palm Pilot, Palm III, Palm OS, the Palm
Computing platform logo, and all Palm logos are trademarks of Palm Computing, Inc., 3Com Corporation, or its
subsidiaries.
Certicom, movian, movianCrypt, movianVPN, and SSL Plus are trademarks and/or registered trademarks of
Certicom Corp.
Domino and Notes are trademarks, and Lotus and Lotus Notes are registered trademarks of Lotus Development
Corporation.
InstallShield is a registered trademark of InstallShield Corporation.
Microsoft, Word, Excel, Access, ActiveSync, Visual Basic, Visual C++, and Windows are either registered
trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Netscape is a registered trademark of Netscape Communications Corporation.
SecurID is a registered trademark, and RSA Security is a trademark of RSA Security Inc.
Sun is a registered trademark and iPlanet is a trademark of Sun Microsystems, Inc.
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately
capitalized. Nokia cannot attest to the accuracy of this information. Use of a term in this book should not be regarded
as affecting the validity of any trademark or servicemark.
All other trademarks or registered trademarks are the property of their respective owners.
Contents
1 Installing Secure Gateway
Overview ......................................................................................................................... 1-2
Recommended Secure Gateway configuration................................................................ 1-2
Installing the Secure Gateway......................................................................................... 1-4
Setting up a Secure Gateway cluster ............................................................................... 1-7
Installing a Secure Gateway cluster.......................................................................... 1-7
2 Configuring the Secure Gateway
Using the Secure Gateway Admin Console .................................................................... 2-2
Configuring the Secure Gateway properties file ............................................................. 2-3
Authentication and encryption.................................................................................. 2-3
Debugging and logging............................................................................................. 2-4
HTTP server.................................................... .......................................................... 2-4
Secure Gateway cluster configuration ...................................................................... 2-5
Web tunneling....................................................................... ..... ............................... 2-5
Configuring Secure Gateway to route HTTP requests.................................................... 2-6
Configuring Secure Gateway for SSL............................................................................. 2-8
3 Troubleshooting Secure Gateway
Troubleshooting Secure Gateway issues......................................................................... 3-2
Intellisync Mobile Suite Secure Gateway Administrator’s Guide iii
CHAPTER
1
Installing Secure Gateway
This chapter contains instructions for installing the Secure Gateway
and provides a diagram of the recommended configuration.
Overview ............................................................................1-2
Recommended Secure Gateway configuration ..................1-2
Installing the Secure Gateway............................................1-4
Setting up a Secure Gateway cluster ..................................1-7
Overview
Your company policy may dictate how you deploy Nokia’s technology within
your network configuration. There are several configuration options available;
however, Nokia recommends the configuration described in this chapter using a
demilitarized zone (DMZ), or screened subnet. The DMZ is a computer or small
subnetwork that sits between a trusted internal network, such as a corporate
private LAN, and an untrusted external network, such as the public Internet.
Recommended Secure Gateway configuration
Nokia recommends using the Secure Gateway configuration within your network.
The Secure Gateway offers secure and scalable communications between mobile
devices and servers and consists of an HTTP listener and communications
services.
Installing Secure Gateway
Overview
The Secure Gateway intercepts the HTTP requests from mobile devices to the
Intellisync Mobile Suite server and can route the requests in three ways:
z Push requests through TCP/IP port 3102
z Sync requests through ports 80 and 443
z Web requests through ports 80 and 443
The following diagram illustrates the recommended configuration for the Secure
Gateway. In this scenario, all Intellisync Mobile Suite components and enterprise
servers are behind the corporate inner firewall.
Intellisync Mobile Suite Secure Gateway Administrator’s Guide 1–2
Recommended Secure Gateway Configuration
Installing Secure Gateway
Recommended Secure Gateway configuration
Intellisync Mobile Suite Secure Gateway Administrator’s Guide 1–3
Installing Secure Gateway
Installing the Secure Gateway
The following table shows the default port settings. Your port settings may be
different depending on your network configuration.
Table 1: Default ports for communication from devices
Communication Protocol Default Port
HTTP
z Sync traffic
z Web tunneling
HTTPS
z Sync traffic
z Web tunneling
TCP/IP
z Push traffic
Installing the Secure Gateway
To install and configure the Secure Gateway, follow these steps:
1. From the installation source folder, doub le-click the setup.exe file. The Secure
Gateway Setup starts and prepares the wizard application for the installation.
2. On the Secure Gateway Welcome screen, click Next. The Destination Folder
screen appears.
3. T o install to a location other than the default folder, click Change. Otherwise,
click Next. The Secure Gateway Service User screen appears.
4. Complete the following fields:
Username. Enter the name for the specified user.
Password. Enter the password for the specified user.
5. Click Next. A confirmation screen appears.
6. Click Install. The installation program installs the Secure Gateway
components into the specified location. When the installation is complete, the
InstallShield Wizard Completed screen appears.
7. Click Finish. The Secure Gateway wizard closes.
80 (configurable)
443 (configurable)
3102 (configurable)
Intellisync Mobile Suite Secure Gateway Administrator’s Guide 1–4
Installing Secure Gateway
Installing the Secure Gateway
After the installation, you must specify the name of the Secure Gateway computer
on the Intellisync Mobile Suite server. To do so, complete the following steps:
1. From the Windows Start menu on the Intellisync Mobile Suite server, choose
Programs, Intellisync Mobile Suite, and then choose Admin Console. The
Intellisync Mobile Suite control appears.
2. Select Intellisync Mobile Suite in the console tree.
3. From the Action menu, choose Properties. The Intellisync Mobile Suite
Properties dialog box appears.
4. Click the Secure Gateway tab. The Secure Gateway panel appears.
5. Click Add. The Add Secure Gateway dialog box appears.
6. Enter the name or IP address of the Secure Gateway server in the field and
click OK. The Secure Gateway dialog box closes, and the server name
appears in the Secure Gateway Servers field.
7. Click the Server Name tab.
Intellisync Mobile Suite Secure Gateway Administrator’s Guide 1–5
Loading...