Your SlideShare is downloading. ×
0
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network

2,263

Published on

Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network

Connect 2013 - Making IBM Traveler High Available: Extending And Securing The Network

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,263
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
279
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SHOW101 Making IBM Traveler High Available – Part 2: Extending And Securing The Network René Winkelmeyer | midpoints GmbH Detlev Pöttgen | midpoints GmbH© 2013 IBM Corporation
  • 2. About us René Winkelmeyer Senior Consultant at midpoints GmbH IBM Advanced Business Partner from Germany http://www.midpoints.de Specialized in RCP development, XPages development and building mobile infrastructures IBM Design Partner for Notes/Domino Next and Mobile OpenNTF Contributor ─ File Navigator (http://filenavigator.openntf.org) ─ Generic NSF View Widget for IBM Connections2 © 2013 IBM Corporation
  • 3. About us Detlev Pöttgen Co-Founder and CTO of midpoints GmbH IBM Advanced Business Partner from Germany http://www.midpoints.de Specialized in Domino & IMC Administration and building mobile infrastructures IBM Design Partner for Notes/Domino Next and Mobile3 © 2013 IBM Corporation
  • 4. How to get in touch with us? René ─ Mail: rene.winkelmeyer@midpoints.de / mail@winkelmeyer.com ─ Blog: http://www.midpoints.de / http://blog.winkelmeyer.com ─ Skype: muenzpraeger ─ Twitter: muenzpraeger ─ LinkedIn: http://de.linkedin.com/in/muenzpraeger ─ XING: https://www.xing.com/profile/Rene_Winkelmeyer ─ Slideshare: http://www.slideshare.net/muenzpraeger ─ G+: http://www.winkelmeyer.com/+ Detlev ─ Mail: detlev.poettgen@midpoints.de ─ Blog: http://www.netzgoetter.de ─ Twitter: netzgoetter ─ LinkedIn: http://de.linkedin.com/in/netzgoetter ─ XING: https://www.xing.com/profile/Detlev_Poettgen4 © 2013 IBM Corporation
  • 5. Legal first!  This slide presentation may contain the following copyrighted, trademarked and/or restricted terms: ─ IBM® DB2®, IBM® Domino®, IBM® Notes®, IBM® WebSphere®, Microsoft® Windows®, Linux®5 © 2013 IBM Corporation
  • 6. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A6 © 2013 IBM Corporation
  • 7. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A7 © 2013 IBM Corporation
  • 8. High Availability in the context of IBM Notes Traveler8 © 2013 IBM Corporation
  • 9. High Availability in the context of IBM Notes Traveler  See SHOW100 for this.9 © 2013 IBM Corporation
  • 10. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A10 © 2013 IBM Corporation
  • 11. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing  Configuration of the backend IBM Notes Traveler servers11 © 2013 IBM Corporation
  • 12. What is WebSphere Edge Components?  IBM WebSphere Edge Components is a set of networking tools. The set contains ─ Network Dispatcher (aka Load Balancer), optional with Content Distribution ─ Caching Proxy  In this session well use the Load Balancing component.12 © 2013 IBM Corporation
  • 13. What is WebSphere Edge Components?13 © 2013 IBM Corporation
  • 14. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing  Configuration of the backend IBM Notes Traveler servers14 © 2013 IBM Corporation
  • 15. Preparing the environment – Operating System  The demo system runs a newly fresh installed CentOS 6.3 64bit.  The installation and administration is done in graphical mode. A console mode is also available, but we are preferring a GUI for demoing purposes.15 © 2013 IBM Corporation
  • 16. Preparing the environment – DNS  The IP-based communication between all components is based on DNS (Domain Name System).  When talking about DNS I assume that youre running a real DNS server in your company.  For the demo system all used DNS names are mapped via the Linux hosts files. ─ Edge: mobile-edge.curi0.us / edge1.curi0.us / edge2.curi0.us ─ Traveler: traveler1.curi0.us / traveler2.curi0.us16 © 2013 IBM Corporation
  • 17. Preparing the environment – DNS (locals hosts editing)  Open your favorite shell and open the the local hosts file using a text editor like “vi” or “vim” (depends on how hardcore youre)17 © 2013 IBM Corporation
  • 18. Preparing the environment – DNS (locals hosts editing)  Change the settings as needed for your environment. Use “i” as key to start inserting text.  Save the modifications using the key combination “ESC” and then “wq!” (== save and close)  Check the modifications using ping18 © 2013 IBM Corporation
  • 19. Preparing the environment – Software  For the installation of the IBM WebSphere Edge Components you have to download the appropriate package from the IBM Passport Advantage website.  The following packages/part numbers are available for the WebSphere Network Deployment of the Edge Components Load Balancer: ─ CI3HKML (Part 1/3) ─ CI3HLML (Part 2/3) ─ CI3HMML (Part 3/3)  Save the package to /tmp/downloads/ibm/was_edge19 © 2013 IBM Corporation
  • 20. Preparing the environment – Software  In addition youll need the IBM Installation Manager (former Rational Installation Manager) to install the WebSphere Edge Components.  As were installing V8.5 of the Edge Components youll need to use the most current IBM Installation Manager 1.6.1. ─ Download can be found here: http://www- 947.ibm.com/support/entry/portal/Recommended_fix/Software/Rational/IBM_Installation_Manag er20 © 2013 IBM Corporation
  • 21. Preparing the environment –Download of IBM Installation Manager  Following the previous shown link youll be directed to a list of available download links. Click on the link for the “Installation Manager and Packaging Utility download links”21 © 2013 IBM Corporation
  • 22. Preparing the environment –Download of IBM Installation Manager  On the newly shown website youll a list of available versions. Click the link for the “Installation Manager” in the most current (in our case 1.6.1) version.22 © 2013 IBM Corporation
  • 23. Preparing the environment –Download of IBM Installation Manager  Now select the link (FC) for your operating system.23 © 2013 IBM Corporation
  • 24. Preparing the environment –Download of IBM Installation Manager  Youll be redirected to the Fix Central. Select the package and click “Continue” to proceed.24 © 2013 IBM Corporation
  • 25. Preparing the environment –Download of IBM Installation Manager  Now you can download the installation package. Save it in /tmp/downloads/ibm/installation_manager.25 © 2013 IBM Corporation
  • 26. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing  Configuration of the backend IBM Notes Traveler servers26 © 2013 IBM Corporation
  • 27. Installation of IBM Installation Manager  Login as user “root” and start the File Browser (Nautilus in our case)27 © 2013 IBM Corporation
  • 28. Installation of IBM Installation Manager  Navigate to the directory /tmp/downloads/ibm/installation_manager and start the installation with a double click on the install executable28 © 2013 IBM Corporation
  • 29. Installation of IBM Installation Manager  Proceed with “Next”29 © 2013 IBM Corporation
  • 30. Installation of IBM Installation Manager  Accept the license terms and proceed with “Next”.30 © 2013 IBM Corporation
  • 31. Installation of IBM Installation Manager  Leave the installation directory as defined and proceed with “Next”.31 © 2013 IBM Corporation
  • 32. Installation of IBM Installation Manager  Proceed with “Install” to start the installation of the IBM Installation Manager.32 © 2013 IBM Corporation
  • 33. Installation of IBM Installation Manager  Finish the installation with “Restart Installation Manager”.33 © 2013 IBM Corporation
  • 34. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing34 © 2013 IBM Corporation
  • 35. Installation of WebSphere Edge Components  The IBM Installation Manager allows to install, update or remove IBM products. As were installing a new product select “Install”.35 © 2013 IBM Corporation
  • 36. Installation of WebSphere Edge Components  The IBM Installation Manager can install software from varying repositories: ─ Local files ─ HTTP site ─ Passport Advantage  As we dont want to rely on an internet connection well use a local file repository. The next slides are showing how to setup a new one.36 © 2013 IBM Corporation
  • 37. Installation of WebSphere Edge Components  Selecte the “Repositories” link.37 © 2013 IBM Corporation
  • 38. Installation of WebSphere Edge Components  Now select “Repositories” in the left menu and then “Add Repository...” on the right side.38 © 2013 IBM Corporation
  • 39. Installation of WebSphere Edge Components  This will show an empty file dialog. Select “Browse” to open the file manager.39 © 2013 IBM Corporation
  • 40. Installation of WebSphere Edge Components  Navigate to the directory /tmp/downloads/ibm/was_edge/disk1. Select the file “diskTag.inf” and confirm the selection with “OK”.40 © 2013 IBM Corporation
  • 41. Installation of WebSphere Edge Components  Confirm the selection with “OK”.41 © 2013 IBM Corporation
  • 42. Installation of WebSphere Edge Components  Press “Test Connections” to verify the successful setup of the repository.42 © 2013 IBM Corporation
  • 43. Installation of WebSphere Edge Components  Youll see this dialog if all repositories have been verified. Close the dialog with “OK”.43 © 2013 IBM Corporation
  • 44. Installation of WebSphere Edge Components  Close the preferences with “OK”.44 © 2013 IBM Corporation
  • 45. Installation of WebSphere Edge Components  Closing the preferences will automatically launch the installation/selection dialog for the available software.45 © 2013 IBM Corporation
  • 46. Installation of WebSphere Edge Components  Proceed with “Next”.46 © 2013 IBM Corporation
  • 47. Installation of WebSphere Edge Components  Accept the license terms and proceed with “Next”.47 © 2013 IBM Corporation
  • 48. Installation of WebSphere Edge Components  As its a new installation of the IBM Installation Manager some shared resources need to be installed. Leave the directory settings as they are and proceed with “Next”.48 © 2013 IBM Corporation
  • 49. Installation of WebSphere Edge Components  Proceed with “Next”.49 © 2013 IBM Corporation
  • 50. Installation of WebSphere Edge Components  If needed you can select more languages. Proceed with “Next”.50 © 2013 IBM Corporation
  • 51. Installation of WebSphere Edge Components  Leave the predefined selection (no Metric Server) and proceed with “Next”.51 © 2013 IBM Corporation
  • 52. Installation of WebSphere Edge Components  Start the installation with a click on “Install”.52 © 2013 IBM Corporation
  • 53. Installation of WebSphere Edge Components  We want to start directly, so click on finish (thatll start the Load Balancer Administration Console).53 © 2013 IBM Corporation
  • 54. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing  Configuration of the backend IBM Notes Traveler servers54 © 2013 IBM Corporation
  • 55. Configuration of WebSphere Edge Components Load Balancing  The automatic startup lauches the Load Balancer configuration GUI.55 © 2013 IBM Corporation
  • 56. Configuration of WebSphere Edge Components Load Balancing  Select “Dispatcher” in the left menu tree.56 © 2013 IBM Corporation
  • 57. Configuration of WebSphere Edge Components Load Balancing  Make a right click on “Dispatcher” and select “Start Configuration Wizard”. Thatll start the configuration dialog.57 © 2013 IBM Corporation
  • 58. Configuration of WebSphere Edge Components Load Balancing  Proceed with “Next”.58 © 2013 IBM Corporation
  • 59. Configuration of WebSphere Edge Components Load Balancing  Proceed with “Next”.59 © 2013 IBM Corporation
  • 60. Configuration of WebSphere Edge Components Load Balancing  Check the preconditions – the setup wont work if you dont respect them.60 © 2013 IBM Corporation
  • 61. Configuration of WebSphere Edge Components Load Balancing  As were on Linux => start the server. You wont get a direct feedback!61 © 2013 IBM Corporation
  • 62. Configuration of WebSphere Edge Components Load Balancing  Check if the local hostname is correct and proceed with a click on “Update Configuration & Continue”.62 © 2013 IBM Corporation
  • 63. Configuration of WebSphere Edge Components Load Balancing  Add the Cluster name. It needs to be equal to the URL which the clients are using, in our case “mobile-edge.curi0.us”. Proceed with “Update Configuration & Continue”.63 © 2013 IBM Corporation
  • 64. Configuration of WebSphere Edge Components Load Balancing  Check if the cluster has been added successfully. Then proceed with “Next”.64 © 2013 IBM Corporation
  • 65. Configuration of WebSphere Edge Components Load Balancing  Now we need to set the port which will be used by the clients. The default is set to “80”.65 © 2013 IBM Corporation
  • 66. Configuration of WebSphere Edge Components Load Balancing  Change the value to “443” as well run HTTPS. Proceed with “Update Configuration & Continue”.66 © 2013 IBM Corporation
  • 67. Configuration of WebSphere Edge Components Load Balancing  Check if the port has been added successfully. Proceed with “Next”.67 © 2013 IBM Corporation
  • 68. Configuration of WebSphere Edge Components Load Balancing  Now we need to add the server names of the used backend servers (here: the Traveler servers). Click on “Add a server”.68 © 2013 IBM Corporation
  • 69. Configuration of WebSphere Edge Components Load Balancing  Enter the first server name, in our case “traveler1.curi0.us”. Proceed with “Next”.69 © 2013 IBM Corporation
  • 70. Configuration of WebSphere Edge Components Load Balancing  Check if the server name has been added successfully. Click on “Add a server” to add the second server.70 © 2013 IBM Corporation
  • 71. Configuration of WebSphere Edge Components Load Balancing  Enter the second server name, in our case “traveler2.curi0.us”. Proceed with “Next”.71 © 2013 IBM Corporation
  • 72. Configuration of WebSphere Edge Components Load Balancing  Check if the server name has been added successfully. Click on “Update Configuration & Continue” to proceed.72 © 2013 IBM Corporation
  • 73. Configuration of WebSphere Edge Components Load Balancing  We need to start an Advisor as we want the Traveler servers to be monitored. Enter “HTTPS” as the Advisor name and proceed with “Update Configuration & Continue”.73 © 2013 IBM Corporation
  • 74. Configuration of WebSphere Edge Components Load Balancing  Check if the Advisor has been started successfully. Proceed with “Next”.74 © 2013 IBM Corporation
  • 75. Configuration of WebSphere Edge Components Load Balancing  The clusters IP address needs to be set on the backend servers. Select your operating system (here: Linux) and click on “View Loopback Instructions” to show the instructions.75 © 2013 IBM Corporation
  • 76. Configuration of WebSphere Edge Components Load Balancing  Excursion / Repeat – read it often: ─ To work properly the clusters IP address needs to be added to the local loopback adapter of the application servers. ─ To work properly the clusters IP address needs to be added to the local loopback adapter of the application servers. ─ To work properly the clusters IP address needs to be added to the local loopback adapter of the application servers. ─ To work properly the clusters IP address needs to be added to the local loopback adapter of the application servers. ─ To work properly the clusters IP address needs to be added to the local loopback adapter of the application servers.  That means: add the Edge servers IP address to the local loopback adapter of each Traveler server.76 © 2013 IBM Corporation
  • 77. Configuration of WebSphere Edge Components Load Balancing  Read the configuration settings (better: write them down). Click “Exit” to close the information dialog.77 © 2013 IBM Corporation
  • 78. Configuration of WebSphere Edge Components Load Balancing  Done – the Edge server is ready. Click on “Exit” to proceed.78 © 2013 IBM Corporation
  • 79. Configuration of WebSphere Edge Components Load Balancing  Close the confirmation dialog with “Yes”.79 © 2013 IBM Corporation
  • 80. Configuration of WebSphere Edge Components Load Balancing  Right click on “Dispatcher” and select “Connect to Host...” to see the configured Load Balancer.80 © 2013 IBM Corporation
  • 81. Configuration of WebSphere Edge Components Load Balancing  You now can see, configure and manage the Load Balancer. Done!81 © 2013 IBM Corporation
  • 82. Agenda – Using WebSphere Edge Components  What is WebSphere Edge Components?  Preparing the environment – Operating System, DNS, Software  Installation of IBM Installation Manager  Installation of IBM WebSphere Edge Components  Configuration of IBM WebSphere Edge Components Load Balancing  Configuration of the backend IBM Notes Traveler servers82 © 20 1 3 IBM Corporation
  • 83. Configuration of the backend IBM Notes Traveler servers  As previous stated youll have to add the WebSphere Edges cluster address to each (repeat: each) backend server.83 © 2013 IBM Corporation
  • 84. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A84 © 2013 IBM Corporation
  • 85. Agenda – Using IBM Mobile Connect  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler85 © 2013 IBM Corporation
  • 86. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler86 © 2013 IBM Corporation
  • 87. What is IBM Mobile Connect?87 © 2013 IBM Corporation
  • 88. What is IBM Mobile Connect?88 © 2013 IBM Corporation
  • 89. What is IBM Mobile Connect?89 © 2013 IBM Corporation
  • 90. What is IBM Mobile Connect?  Connection Manager (server-side) ─ Software that runs on the server and controls access to enterprise resources Support for IP and non-IP network protocols ─ Mobile Network Connections (MNC) for combinations of public/private networks  Distributed Administration (“Gatekeeper”) ─ Java based administrator console that can run on various platforms Policy Management is an integral part of Administration  Mobility Client (client-side) ─ Software that runs on the mobile device and interfaces to Connection Manager Mobility Client authenticates and establishes VPN with Connection Manager Includes toolkit for creating network-aware applications  HTTP Access (client-less) ─ HTTP access services provide a SSL secured tunnel for HTTP communication to any HTTP Version 1.1 application90 © 2013 IBM Corporation
  • 91. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler91 © 2013 IBM Corporation
  • 92. Preparing the environment – Operating System, DNS, Software  The sessions demo installation of IBM DB2 and IBM Mobile Connect runs on SUSE Linux Enterprise Server (SLES) 11.  All components (IBM DB2®, IBM Mobile Connect®, IBM Domino®) are running for demo purposes on the same machine – for a production environment it is highly recommended to install the components on separate machines.  All DNS settings are referring to the same physical IP. You should use your companies DNS.  The demo system doesnt use a firewall as all communication happens locally.92 © 2013 IBM Corporation
  • 93. Preparing the environment – Operating System  The demo system runs a newly fresh installed SUSE Linux Enterprise Server (SLES) 11.  The installation of DB2 requires an installed X-Windows system like KDE or Gnome (the last one is used here).  Furthermore you need a working Korn Shell (ksh) on the Linux system. It is required by the IBM Mobile Connect installation.93 © 2013 IBM Corporation
  • 94. Preparing the environment – DNS  The IP-based communication between all components is based on DNS (Domain Name System).  When talking about DNS we assume that youre running a real DNS server in your company.  For the demo system all used DNS names are mapped to the local IP address via the Linux hosts file. ─ DB2: db2-imc.curi0.us ─ IBM Mobile Connect: imc1.curi0.us ─ Traveler: traveler1.curi0.us / traveler2.curi0.us ─ External Single URL: mobile.curi0.us  Never ever give the local loopback adapter (127.0.0.1) an alias! That will lead to errors during the installation process!94 © 2013 IBM Corporation
  • 95. Preparing the environment – DNS (local hosts editing)  Open your favorite shell (like the Gnome Terminal).  Open the local hosts file using a text editor like “vi”.95 © 2013 IBM Corporation
  • 96. Preparing the environment – DNS (local hosts editing)  Modify the name settings for the used DNS names (key “i” for inserting). 127.0.0.1 localhost 192.168.100.50 imc1.curi0.us imc1 192.168.100.50 db2-imc.curi0.us 192.168.100.51 traveler1.curi0.us 192.168.100.52 traveler2.curi0.us 192.168.100.50 mobile.curi0.us  Save the modifications using the key combination “ESC” and then “wq!” (== save and close).  Check the modifications using ping.96 © 2013 IBM Corporation
  • 97. Preparing the environment – DNS (local name resolving)  The server needs to be able to to resolve its simple name. If the machines name is “imc1.curi0.us” the name “imc1” needs to be pinged.  If thats not possible the installations of DB2 and IBM Mobile Connect wont work!97 © 2013 IBM Corporation
  • 98. Preparing the environment – Software (DB2)  First you need DB2 (any edition, were using DB2 Express-C 10.1.2).  You can download DB2 Express-C via this URL. http://www-01.ibm.com/software/data/db2/express/download.html  Choose the package which is appropriate for the used operating system – in our case for Linux x86 - 64 Bit.  Save the package to /root/install/db298 © 2013 IBM Corporation
  • 99. Preparing the environment – Software (IBM Mobile Connect)  Then download the two IBM Mobile Connect installation packages from Passport Advantage.  The product numbers are “CID7DML_connection_manager.tar” and “CID79ML_Gatekeeper.tar”  Save the package to /root/install/imc99 © 2013 IBM Corporation
  • 100. Preparing the environment – Software (Domino & Traveler)  Besides DB2 and IBM Mobile Connect youll need one or two running IBM Domino servers and two or more IBM Notes Traveler server. Were not describing here how to setup Domino and Traveler – that was part of SHOW100.100 © 2013 IBM Corporation
  • 101. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler101 © 2013 IBM Corporation
  • 102. Installation of DB2  Logon to the Linux system as user “root”  Open your favorite shell (like the “Gnome Terminal”)102 © 2013 IBM Corporation
  • 103. Installation of DB2  Change to the directory “/root/install/db2”  Unpack the downloaded DB2 installation package using “tar” (you may use the additional “v” parameter for getting a verbose output of the unpacking)103 © 2013 IBM Corporation
  • 104. Installation of DB2  Switch to the extracted DB2 installation folder expc.  Launch the db2setup (please remember: you need X-Window for this!)104 © 2013 IBM Corporation
  • 105. Installation of DB2  The startup screen (aka “DB2 Setup Launchpad”) shows up.105 © 2013 IBM Corporation
  • 106. Installation of DB2  Choose “Install a product” and select “Install New”.106 © 2013 IBM Corporation
  • 107. Installation of DB2  Click “Next” to step over to the License Agreement Dialog.107 © 2013 IBM Corporation
  • 108. Installation of DB2  Click “Next” to step over to the License Agreement Dialog. After youve read and accepted it (click the radio button) click on “Next” to proceed.108 © 2013 IBM Corporation
  • 109. Installation of DB2  Select “Custom” as the installation type and proceed with “Next”.109 © 2013 IBM Corporation
  • 110. Installation of DB2  Save the installation details in a response file (good practice!) and proceed with “Next”.110 © 2013 IBM Corporation
  • 111. Installation of DB2  Deselect “Getting started” from the feature list and proceed with “Next” (that will accept the default installation location “/opt/ibm/db2/V10.1”).111 © 2013 IBM Corporation
  • 112. Installation of DB2  Optional: choose an additional language (we dont prefer any other language then English, even as were German) and proceed with “Next”.112 © 2013 IBM Corporation
  • 113. Installation of DB2  Leave the default value for the location of the DB2 Information center and proceed with “Next”.113 © 2013 IBM Corporation
  • 114. Installation of DB2  Enter the credentials for the DB2 administrator “dasusr1” and proceed with “Next”. This step will setup a new Linux user including home directory.114 © 2013 IBM Corporation
  • 115. Installation of DB2  Leave the default value to create a new DB2 instance and proceed with “Next”.115 © 2013 IBM Corporation
  • 116. Installation of DB2  Enter the credentials for the DB2 instance owner “db2inst1” and proceed with “Next”. This step will setup a new Linux user including home directory.116 © 2013 IBM Corporation
  • 117. Installation of DB2  Enter the credentials for the DB2 fenced user “db2fenc1” and proceed with “Next”. This step will setup a new Linux user including home directory.117 © 2013 IBM Corporation
  • 118. Installation of DB2  Create a TCP/IP configuration for DB2 to allow access from external hosts on port 50001. Leave the autostart checkbox as it is and proceed with “Next”.118 © 2013 IBM Corporation
  • 119. Installation of DB2  Optional: Setup notifications from DB2. As we dont need it here deselect it and proceed with “Next”.119 © 2013 IBM Corporation
  • 120. Installation of DB2  Check the setup instructions in the setup dialog and finish the installation with “Finish”.120 © 2013 IBM Corporation
  • 121. Installation of DB2  Youll see a progress dialog during the installation process in a separate window.121 © 2013 IBM Corporation
  • 122. Installation of DB2  Done!122 © 2013 IBM Corporation
  • 123. Installation of DB2  You can validate the successful installation in various ways ─ Check the installation log located in /tmp/db2setup.log ─ Login to DB2 with the db2inst1 user ─ Run the DB2 validation tool123 © 2013 IBM Corporation
  • 124. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring Notes Traveler124 © 2013 IBM Corporation
  • 125. Installation of IBM Mobile Connect – Connection Manager  Logon to the Linux system as user “root”  Open your favorite shell (like the “Gnome Terminal”)125 © 2013 IBM Corporation
  • 126. Installation of IBM Mobile Connect – Connection Manager  Change to the directory “/root/install/imc”  Unpack the downloaded IBM Mobile Connect installation package of the Connection Manager using “tar”.126 © 2013 IBM Corporation
  • 127. Installation of IBM Mobile Connect – Connection Manager  Display the extracted content using “ls”. There are two files: ./linux-gw-x86_64-image.tar.gz ./linux-gw-x86-image.tar.gz  If you are running a 64-Bit Linux, then you should extract the linux-gw-x86_64- image using “tar”.127 © 2013 IBM Corporation
  • 128. Installation of IBM Mobile Connect – Connection Manager  Switch to the inst.images Subfolder  First you need to setup the IBM Mobile Connect Connection Manager. For that issue the command “./install_wg” from within the sub-directory.128 © 2013 IBM Corporation
  • 129. Installation of IBM Mobile Connect – Connection Manager  Specify if you want to start the IBM Mobile Connect Connection Manager at system startup. This setting defaults to “yes” (it is recommended to keep this setting).129 © 2013 IBM Corporation
  • 130. Installation of IBM Mobile Connect – Connection Manager  The IBM Mobile Connect Connection Manager is installed within /opt/ibm/ConnectionManager.  Important: Ensure that the service “xinetd” is running on the machine on which the IBM Mobile Connect Connection Manager is installed.  Done!130 © 2013 IBM Corporation
  • 131. Installation of IBM Mobile Connect – Gatekeeper  Logon to the Linux system as user “root”  Open your favorite shell (like the “Gnome Terminal”)131 © 2013 IBM Corporation
  • 132. Installation of IBM Mobile Connect – Gatekeeper  Change to the directory “/root/install/imc”  Unpack the downloaded IBM Mobile Connect installation package of the Gatekeeper using “tar”.132 © 2013 IBM Corporation
  • 133. Installation of IBM Mobile Connect – Gatekeeper  Change to the directory “/root/install/imc/pkglinux”  If IBM Java JRE 7.0.2 isnt installed you need to install it. The needed installation file is located within the extracted pkglinux subfolder.133 © 2013 IBM Corporation
  • 134. Installation of IBM Mobile Connect – Gatekeeper  Now proceed with the installation of the IBM Mobile Connect Gatekeeper.134 © 2013 IBM Corporation
  • 135. Installation of IBM Mobile Connect – Gatekeeper  The IBM Mobile Connect Gatekeeper is installed within the directory /opt/ibm/Gatekeeper. The installation also adds symbolic links within /usr/bin for the IBM Mobile Connect Gatekeeper binaries.  Done!135 © 2013 IBM Corporation
  • 136. Installation of IBM Mobile Connect – Gatekeeper  Yes, were running on Linux. But you have to restart the server. ;-)136 © 2013 IBM Corporation
  • 137. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler137 © 2013 IBM Corporation
  • 138. Configuration of IBM Mobile Connect  The whole configuration of IBM Mobile Connect is done through the IBM Mobile Connect Gatekeeper.  Logon as the Linux user “root”.  Open your favorite console (i. e. the “Gnome Terminal”).138 © 2013 IBM Corporation
  • 139. Configuration of IBM Mobile Connect  Start the IBM Mobile Connect Gatekeeper through issuing the command “wgcfg” from the shell. That will start the application in the X-Window system.139 © 2013 IBM Corporation
  • 140. Configuration of IBM Mobile Connect - Login profile  At the very first startup IBM Mobile Connect has no configuration. Youll see an empty login screen with no selection values for the so called “Login profile”.140 © 2013 IBM Corporation
  • 141. Configuration of IBM Mobile Connect - Login profile  The IBM Mobile Connect Gatekeeper automatically prompts a dialog for the creation of new Login profiles. In our case were setting up a “non-secure” Login profile through clicking on “Add Profile...”.141 © 2013 IBM Corporation
  • 142. Configuration of IBM Mobile Connect - Login profile  In the “Add Login Profile” dialog we have to add two values ─ The Login profile name, which is the descriptive name for this profile. For the sake of simplicity were using the simple host name of the IBM Mobile Connect server. ─ The host name we want to connect to. ─ The port, which defaults to 9555, could be changed if needed. For our setup we dont need that.  Finish the dialog through clicking the “OK” button.142 © 2013 IBM Corporation
  • 143. Configuration of IBM Mobile Connect - Login profile  Youll see now the newly added profile in the Login Profile Details list.  Close the dialog with “OK”.143 © 2013 IBM Corporation
  • 144. Configuration of IBM Mobile Connect - Logging in  Now select the profile “imc1” within the Login profile dropdown dialog.  Additionally you have to enter the administrators credentials. For that use the default login credentials which are available after any IBM Mobile Connect installation. ─ User: gkadmin ─ Password: gk4admin (Default)  Confirm the selection and credentials through clicking “Log In”.144 © 2013 IBM Corporation
  • 145. Configuration of IBM Mobile Connect - Logging in  “Accept” the upcoming license dialog to proceed.145 © 2013 IBM Corporation
  • 146. Configuration of IBM Mobile Connect – First Setup  Two Dialog Boxes will be opened. Close the Gatekeeper Help Window to start the configuration.146 © 2013 IBM Corporation
  • 147. Configuration of IBM Mobile Connect – First Setup  As were using DB2 as the backend for IBM Mobile Connect you have to select “An ODBC-compliant relational database”. Proceed with “Next”.147 © 2013 IBM Corporation
  • 148. Configuration of IBM Mobile Connect – First Setup  In the upcoming dialog you have to enter the name of the DB2 instance and the according home folder: ─ DB2 instance name: wgdb ─ DB2 instance home folder: /home/wgdb  Proceed with “Next”.148 © 2013 IBM Corporation
  • 149. Configuration of IBM Mobile Connect – First Setup  Now enter the administrative settings for this new DB2 database. ─ Database name: wgdata ─ Database management ID: db2inst1 (were using the existing standard DB2 administrator)149 © 2013 IBM Corporation
  • 150. Configuration of IBM Mobile Connect – First Setup  We may use the local path, but to have a real world scenario were “remotely” connecting to the DB2 instance.  Proceed with “Next”.150 © 2013 IBM Corporation
  • 151. Configuration of IBM Mobile Connect – First Setup  In the upcoming dialog you have to enter a base distinguished name (X.500 format) under which the configuration data will be stored. This name is case- sensitive! ─ Base distinguished name: o=midpoints (your organization name, we will use midpoints here)  Additionally you have to define how the data will be stored. Use the same data storage as it is used for the session data.  Proceed with “Next”.151 © 2013 IBM Corporation
  • 152. Configuration of IBM Mobile Connect – First Setup  Now you have to define if administrators should be able to remotely connect to the IBM Mobile Connect Connection Manager. Its recommended to allow this as it makes administrators life somewhat easier. ─ Remote administrators may login with the user “gkadmin”.  Dependant on the internal security policies an SSL based connection to the IBM Mobile Connect Gatekeeper could be enforced. Here its not needed so leave the default selection (==disabled).152 © 2013 IBM Corporation
  • 153. Configuration of IBM Mobile Connect – First Setup  Now enable the logging of all administrative actions and proceed with “Next”.153 © 2013 IBM Corporation
  • 154. Configuration of IBM Mobile Connect – First Setup  The last wizard screen confirms that all settings for the initial setup of this IBM Mobile Connect Connection Manager have been setup. Proceed the setup through clicking “Finish”.  The IBM Mobile Connect Gatekeeper now setups the database and the initial IBM Mobile Connect Connection Manager resources. This may take a while.154 © 2013 IBM Corporation
  • 155. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler155 © 2013 IBM Corporation
  • 156. Configuring Domino authentication  Authentication profiles in IBM Mobile Connect could be setup to use LDAP binding for HTTP access services and connection profiles.  IBM Domino may serve as a Directory Service provider for LDAP so were going to leverage that built-in functionality.  As mentioned in the prerequisites were running a newly fresh installed IBM Domino server without any special configuration. The following slides will show the steps which are needed to setup IBM Domino as a LDAP Directory provider.156 © 2013 IBM Corporation
  • 157. Configuring Domino authentication – LDAP setup  At first you have to create a technical user which will be used by IBM Mobile Connect to make authenticated LDAP lookups.  As this technical user doesnt need to have a Notes id file it is sufficient to create a new person document with HTTP password.157 © 2013 IBM Corporation
  • 158. Configuring Domino authentication – LDAP setup  Open the Domino Directory of the IBM Domino Server and switch to the “Peoples” view.  Use the action button “Add Person” to create a new person document.158 © 2013 IBM Corporation
  • 159. Configuring Domino authentication – LDAP setup  Enter a first and a last name for the user. Adding a hierarchical full name is recommended as a good practice. And please honor the IBM Domino naming conventions! ─ First name: &lmc ─ Last name: &ldaplookup ─ Full name: &lmc &ldaplookup/tech/midpoints159 © 2013 IBM Corporation
  • 160. Configuring Domino authentication – LDAP setup  The technical user needs a HTTP password. For that click on the “Enter Password” button which is located on the “Basics” tab.  In the upcoming dialog box enter the password “ld4pl00kup” and confirm with the “OK” button.160 © 2013 IBM Corporation
  • 161. Configuring Domino authentication – LDAP setup  Check if the HTTP password has been added to the person document. The hashed value should be visible.  Now save the created person document with the “Save & Close” button.161 © 2013 IBM Corporation
  • 162. Configuring Domino authentication – LDAP setup  Switch to the “All Server Documents” view in the Domino Directory. Here open the servers document.162 © 2013 IBM Corporation
  • 163. Configuring Domino authentication – LDAP setup  You need to ensure that the previously created technical user has read access to the Domino Directory.  For that were changing to the “Security” tab and check the “Access server” field. Allowing all users listed in trusted directories is sufficient.163 © 2013 IBM Corporation
  • 164. Configuring Domino authentication – LDAP setup  Now set up the LDAP configuration for this server. The needed configuration can be found within “Ports” => “Internet Ports” => “Directory”.164 © 2013 IBM Corporation
  • 165. Configuring Domino authentication – LDAP setup  From a security point of perspective you should disallow non-SSL LDAP access and disable anonymous LDAP access.165 © 2013 IBM Corporation
  • 166. Configuring Domino authentication – LDAP setup  Save the modified server document with the “Save & Close” button.166 © 2013 IBM Corporation
  • 167. Configuring Domino authentication – LDAP setup  Create a new Program document for making sure that the LDAP task runs at server startup .  Go to the “Programs” view of the Domino Directory and create a new Program document through clicking the “Add Program” button.167 © 2013 IBM Corporation
  • 168. Configuring Domino authentication – LDAP setup  In the newly created document set the values to startup the LDAP task at server startup ─ Program name: LDAP ─ Enabled/disabled: At server startup only  Click “Save & Close” to save the Program document.168 © 2013 IBM Corporation
  • 169. Configuring Domino authentication – SSL setup  As youve setup SSL-based usage of the LDAP Directory server you now need to create SSL KeyRings for the Domino server.  There are two kinds of certificates which can be used for that: ─ Certificates which are signed by an official SSL Certification Authority ─ Self-signed certificates  For the internal usage it is sufficient to use a self-signed certificate.  The creation of such a self-signed certificate can be done by using the “Server Certificate Admin” Database.169 © 2013 IBM Corporation
  • 170. Configuring Domino authentication – SSL setup  Press CTRL+N in the IBM Lotus Notes client opens the “New Application” dialog. ─ Create the database locally. ─ Enter a descriptive title and file name. ─ Select a Domino server (the template isnt available on a Notes client. ─ Select the “Show advanced templates” checkbox. ─ Scroll down to “Server Certificate Admin” and click “OK”.170 © 2013 IBM Corporation
  • 171. Configuring Domino authentication – SSL setup  Close the “About this database” tab (1) and go to the Server Certificate Admins tab (2).171 © 2013 IBM Corporation
  • 172. Configuring Domino authentication – SSL setup  Choose the “Create Key Ring with Self-Certified Certifcate” menu entry.172 © 2013 IBM Corporation
  • 173. Configuring Domino authentication – SSL setup  Now you need to enter some values in the upcoming form.  At first the file name and the password. Its a good practice to use the DNS host name as file name, because that helps to distinguish if the Domino server uses more than one SSL configuration.173 © 2013 IBM Corporation
  • 174. Configuring Domino authentication – SSL setup  Second you need to enter the certificate details which will be used to create the certificates hierarchical name. ─ Important: The common name of the certificate must be equal to the DNS name of the server.  Last but not least you have to click the button “Create Key Ring with Self-Certified Certificate” which is located at the bottom of the form.174 © 2013 IBM Corporation
  • 175. Configuring Domino authentication – SSL setup  The certificate creation process creates two files within the root of the Notes clients data directory. ─ KeyRing file: selfcert-traveler1.kyr ─ Stash file: selfcert-traveler1.sth  Copy both files from the Notes clients data directory into the data directory of the Domino server.  The next step will be to setup SSL on the Domino server.175 © 2013 IBM Corporation
  • 176. Configuring Domino authentication – SSL setup  Were switching to the “All Server Documents” view in the Domino Directory. Here were opening the servers document.176 © 2013 IBM Corporation
  • 177. Configuring Domino authentication – SSL setup  The configuration settings for SSL can be found within “Ports” => “Internet Ports” .  The “SSL key file name” must match the file name of the created keyring.177 © 2013 IBM Corporation
  • 178. Configuring Domino authentication – SSL setup  The configuration settings for SSL can be found within “Ports” => “Internet Ports” .  Enable the HTTP-SSL Port – and disable the HTTP-Port!178 © 2013 IBM Corporation
  • 179. Configuring Domino authentication – SSL setup  Now you need to start the LDAP and HTTP tasks to activate SSL for the Domino server.  For that use this commands via the Domino console: ─ Starting the LDAP task: load ldap ─ Starting the HTTP task: load http179 © 2013 IBM Corporation
  • 180. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler180 © 2013 IBM Corporation
  • 181. Configuring IBM Mobile Connect SSL  The IBM Mobile Connect Connection Manager could be setup to use SSL in various ways. For example we can use SSL for LDAP binding or for HTTP Access Services.  SSL configuration for IBM Mobile Connect is done by using the “IBM Key Management” Tool which is contained in each IBM Mobile Connect installation. The tools creates keyfiles in which the certificate public keys are stored. Those keyfiles will be assigned to the corresponding IBM Mobile Connect Gatekeeper resources.  The format of the keyfiles is “Cryptographic Message Syntax” (CMS).  For a production environment it is highly recommended to use certificates from official Certificate Authorities. In our setup were creating and using self-signed certificates.181 © 2013 IBM Corporation
  • 182. Configuration IBM Mobile Connect SSL  Logon to the Linux system as user “root”  Open your favorite shell (like the “Gnome Terminal”)182 © 2013 IBM Corporation
  • 183. Configuring IBM Mobile Connect SSL  Change to the directory “/opt/ibm/Gatekeeper”  Start the “IBM Key Management” tool from the console.183 © 2013 IBM Corporation
  • 184. Configuring IBM Mobile Connect SSL  Youll see the empty screen of the IBM Key Management tool.184 © 2013 IBM Corporation
  • 185. Configuring IBM Mobile Connect SSL  Now you need to create a new key database file. For that select “Key Database File” => “New”.185 © 2013 IBM Corporation
  • 186. Configuring IBM Mobile Connect SSL  As the format needs to be “Cryptographic Message Syntax” you have to select “CMS” as the key database type.  Choose a file name of your choice. It is recommended to choose an easy recognizable file name.186 © 2013 IBM Corporation
  • 187. Configuring IBM Mobile Connect SSL  Enter the password “passw0rd” (or a password of your choice). As a stash file is needed by IBM Mobile Connect you have to select the option “Stash the password to a file?”. Finish the process with “OK”.187 © 2013 IBM Corporation
  • 188. Configuring IBM Mobile Connect SSL  Select “Personal Certificates” from the dropdown dialog.  Then select “New Self-Signed...” to create a new self-signed certificate.188 © 2013 IBM Corporation
  • 189. Configuring IBM Mobile Connect SSL  Enter the values for the self-signed certificate. You need to ensure, that the common name equals the external DNS name of the IBM Mobile Connect server.189 © 2013 IBM Corporation
  • 190. Configuring IBM Mobile Connect SSL  In the “Personal Certificates” section youll see now the created certificate. The * character indicates that it is a self-signed certificate.190 © 2013 IBM Corporation
  • 191. Configuring IBM Mobile Connect SSL  Select “Key Database File” from the action menu and click “Exit” to close the “IBM Key Management” tool.191 © 2013 IBM Corporation
  • 192. Configuration of IBM Mobile Connect – First Setup  If needed the login credentials for the super-user “gkadmin” may be changed at this point. You dont need that for this setup, so we proceed with “No”.192 © 2013 IBM Corporation
  • 193. Configuration of IBM Mobile Connect – First Setup  The setup process now proceeds with the setup of a new Connection Manager. Click “Next” to start the setup.193 © 2013 IBM Corporation
  • 194. Configuration of IBM Mobile Connect – First Setup  Entering a unique identifier for this Connection Manager configuration. Using the full qualified hostname is a good practice at this point. ─ Connection manager identifier: imc.curi0.us  Proceed with “Next”.194 © 2013 IBM Corporation
  • 195. Configuration of IBM Mobile Connect – First Setup  The next screen displays the primary organizational unit. As its a new configuration there is (currently) nothing to do. Proceed with “Next”.195 © 2013 IBM Corporation
  • 196. Configuration of IBM Mobile Connect – First Setup  The setup of the first Connection Manager can now be finished. Click “Finish” to proceed. The process may take some time.196 © 2013 IBM Corporation
  • 197. Configuration of IBM Mobile Connect – First Setup  The Connection Manager is now created. Next we get asked, if we need a HTTP Access Service. We need this one for IBM Notes Traveler, so choose “Yes”.197 © 2013 IBM Corporation
  • 198. Configuration of IBM Mobile Connect – First Setup  The external URL (the so called Service URL) the IMC-HTTP Service should listen to is https://mobile.curi0.us.  Proceed with “Next”.198 © 2013 IBM Corporation
  • 199. Configuration of IBM Mobile Connect – First Setup  The Application server URL are the internal Traveler Server hostnames, using this syntax: TRAVELER https://traveler1.curi0.us,TRAVELER https://traveler2.curi0.us  The Authentication Profile and SSO will be configured later.199 © 2013 IBM Corporation
  • 200. Configuration of IBM Mobile Connect – First Setup  Choose “Finish” to create the HTTP Access Service.200 © 2013 IBM Corporation
  • 201. Configuration of IBM Mobile Connect – First Setup  The setup process now asks, if we want to setup a Mobile Access Service. Thats needed if you want to use IMC as a VPN Gateway. We only want to use the HTTP Access Service as a Secure Reverse Proxy for connecting IBM Notes Traveler. So choose “No”.201 © 2013 IBM Corporation
  • 202. Configuration of IBM Mobile Connect – First Setup  We are using LDAP for User authentication. So will need no further Connection Manager Accounts. Click “No” to proceed.202 © 2013 IBM Corporation
  • 203. Configuration of IBM Mobile Connect – First Setup  We would like to start the Connection Manager, so choose “Yes”203 © 2013 IBM Corporation
  • 204. Configuration of IBM Mobile Connect – First Setup  The Connection Manager will start after choosing “OK”.204 © 2013 IBM Corporation
  • 205. Configuration of IBM Mobile Connect – First Setup  We are done!  The Connection Manager is now up and running. To see whats configured using the Setup Wizard switch from the Gatekeeper “Tasks”-Navigator to the “Resources”-Navigator205 © 2013 IBM Corporation
  • 206. Configuration of IBM Mobile Connect  The “Resources” section shows the contents of the previously setup IBM Mobile Connect Connection Manager (Node “imc1.curi0.us”).  At the bottom of the “Mobile Connect” tree youll see the created “http service”.206 © 2013 IBM Corporation
  • 207. Configuration of IBM Mobile Connect  You start and stop the Connection using the Gatekeeper Client. For that select the name “imc1.curi0.us”, make a right-click and choose “Shutdown”. The shutdown needs to be confirmed.207 © 2013 IBM Corporation
  • 208. Configuration of IBM Mobile Connect  Youll get a confirmation dialog for the shutdown.208 © 2013 IBM Corporation
  • 209. Configuration of IBM Mobile Connect  To check the successful shutdown right-click on the connections name and select “Properties”.209 © 2013 IBM Corporation
  • 210. Configuration of IBM Mobile Connect  The right pane shows the properties of the Connection Manager. Scroll down on the “Gateway” tab and check the state.210 © 2013 IBM Corporation
  • 211. Configuration of IBM Mobile Connect  To start the connection select the name “imc1.curi0.us” with a right-click and choose “Startup”.  Youll get a confirmation dialog for the startup then.211 © 2013 IBM Corporation
  • 212. Configuration of IBM Mobile Connect  As the previously opened property dialog doesnt refresh the Connection Manager state automatically you need to close and reopen it.  Click on the upper right marked “x” of the property dialog to close it.212 © 2013 IBM Corporation
  • 213. Configuration of IBM Mobile Connect  Right-click the connections name and select “Properties”.213 © 2013 IBM Corporation
  • 214. Configuration of IBM Mobile Connect  Scroll down on the “Gateway” tab and check the state. It must be “running”.214 © 2013 IBM Corporation
  • 215. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler215 © 2013 IBM Corporation
  • 216. Configuring IBM Mobile Connect - HTTP Access Services  Now youll setup a HTTP Access Service which will be used to authenticate via the previously configured Domino LDAP. Furthermore the service will be used to forward the data packets to the IBM Notes Traveler server.  Containing steps of this procedure are ─ Setup of a Directory Server Resource ─ Setup of an Authentication Profile Resource ─ Setup of a HTTP Access Service Resources ─ Securing the HTTP Access Service with a SSL certificate ─ Setup of IBM Mobile Connect Single Sign-On (SSO) ─ Creation and export of a LTPA key file ─ Import of the LTPA key file into Domino216 © 2013 IBM Corporation
  • 217. Configuration of IBM Mobile Connect  The whole configuration of IBM Mobile Connect is done through the IBM Mobile Connect Gatekeeper.  Logon as the Linux user “root”.  Open your favorite console (i. e. the “Gnome Terminal”).217 © 2013 IBM Corporation
  • 218. Configuring IBM Mobile Connect - HTTP Access Services  Start the IBM Mobile Connect Gatekeeper through issuing the command “wgcfg” from the shell. That will start the application in the X-Window system.218 © 2013 IBM Corporation
  • 219. Configuring IBM Mobile Connect - HTTP Access Services  Right-click on the top-level resource entry and choose “Add resource” => “Directory Server”.219 © 2013 IBM Corporation
  • 220. Configuring IBM Mobile Connect - HTTP Access Services  Enter a descriptive name as the common name for this Directory server.  Enter the hostname for the remote directory server.220 © 2013 IBM Corporation
  • 221. Configuring IBM Mobile Connect - HTTP Access Services  Set the default base distinguished name which should be used for LDAP lookups. Leave that one empty if you dont want to restrict LDAP lookups for only special organizations. Proceed with “Next”.221 © 2013 IBM Corporation
  • 222. Configuring IBM Mobile Connect - HTTP Access Services  In the next wizard screen you have to enter the LDAP setting according to the Domino LDAP setup.  First you have to set the used port. Default is 389 (unencrypted). As youve configured LDAP over SSL on port 636 you need to enable “Use secure connection” and point IMC to the Key-Database, which contains the public keys of your Root CA used for your Domino SSL Server Key.222 © 2013 IBM Corporation
  • 223. Configuring IBM Mobile Connect - HTTP Access Services  Furthermore you have to enter the filepath and name of the key database file which youve created with the “IBM Key Manager” tool. ─ Key database: /opt/ibm/ConnectionManager/imc-mobile.kdb ─ Stash file: /opt/ibm/ConnectionManager/imc-mobile.sth223 © 2013 IBM Corporation
  • 224. Configuring IBM Mobile Connect - HTTP Access Services  Then you have to enter the username and password of the previously setup technical user. ─ Name: cn=&lmc &ldaplookup,ou=tech,o=midpoints ─ Password: ld4pl00kup  Proceed with “Next”.224 © 2013 IBM Corporation
  • 225. Configuring IBM Mobile Connect - HTTP Access Services  Select the primary organizational unit (o=midpoints) and click “Finish” to end the setup of the Directory server.225 © 2013 IBM Corporation
  • 226. Configuring IBM Mobile Connect - HTTP Access Services  Youll now see a new “Directory services server definition” within the menu tree.226 © 2013 IBM Corporation
  • 227. Configuring IBM Mobile Connect - HTTP Access Services  If you have to change the LDAP configuration, you can double click the “Directory services server definition” entry within the menu tree. Select your configured LDAP Server and press “Properties”.This is an optional information and mentioned for further re-configuration!227 © 2013 IBM Corporation
  • 228. Configuring IBM Mobile Connect - HTTP Access Services  Now youll setup an Authentication Profile. This profile defines how IBM Mobile Connect checks and validates users credentials.  Right-click the main menu item and select “Add Resource” => “Authentication Profile” => “LDAP-bind Authentication”.228 © 2013 IBM Corporation
  • 229. Configuring IBM Mobile Connect - HTTP Access Services  In the first wizard form you have to enter a common name for this profile, an optional description and the passcode policy. Leave all other fields empty. ─ Unrestricted Policy defines that there is no limit for false entered passwords.  Proceed with “Next”.229 © 2013 IBM Corporation
  • 230. Configuring IBM Mobile Connect - HTTP Access Services  Now select the Directory server which youve setup. For this installation youre using the “uid” as key field for identifying a user.  Leave the other fields as they are and proceed with “Next”.230 © 2013 IBM Corporation
  • 231. Configuring IBM Mobile Connect - HTTP Access Services  As Single-Sign-On for Domino should be used you have to enable the creation of a LTPA token.  Leave the other fields as they are and proceed with “Next”.231 © 2013 IBM Corporation
  • 232. Configuring IBM Mobile Connect - HTTP Access Services  Select the primary organizational unit (o=midpoints) and click “Finish” to end the setup of the Authentication Profile.232 © 2013 IBM Corporation
  • 233. Configuring IBM Mobile Connect - HTTP Access Services  Youll now see a new “Authentication profile” within the menu tree.233 © 2013 IBM Corporation
  • 234. Configuring IBM Mobile Connect - HTTP Access Services  Now its time to configure the HTTP Access Service Resource which has been created initially. Such a resource is responsible for forwarding inbound data traffic – after successful authentication – to a backend system (in our case Domino/Traveler). The new IBM Mobile Connect Version 6.1.5 is able to assign a single inbound URL to one HTTP Access Service. The HTTP Access Service can forward the request to multiple HTTP backend systems like Traveler, iNotes, Connections, Sametime or a Domino based web application (i. e. XPages).  You can setup additional HTTP Services, but then youll need additional DNS hostnames, SSL certificates and IP adresses.234 © 2013 IBM Corporation
  • 235. Configuring IBM Mobile Connect - HTTP Access Services  First we open our initially created HTTP Service Profile by double-clicking the “http-service0” entry in the navigator.235 © 2013 IBM Corporation
  • 236. Configuring IBM Mobile Connect - HTTP Access ServicesThe Service tab  Check if the “Service URL” is configured. This Service URL will be used on a device to connect to Traveler.  Enter the directory and file name of the key database and the stash file we created earlier. ─ Key database: /opt/ibm/ConnectionManager/imc-mobile.kdb ─ Stash file: /opt/ibm/ConnectionManager/imc-mobile.sth236 © 2013 IBM Corporation
  • 237. Configuring IBM Mobile Connect - HTTP Access ServicesThe Server tab  The “Application server URL” defines the backend systems to which requests are getting forwarded. ─ The systems are separated by comma. ─ There are keywords to define the type of the used backend system: TRAVELER, CONNECTIONS, SAMETIME INOTES  For every Traveler Server in our HA Pool, we need to add an entry: TRAVELER https://traveler1.curi0.us, TRAVELER https://traveler2.curi0.us237 © 2013 IBM Corporation
  • 238. Configuring IBM Mobile Connect - HTTP Access ServicesThe Server tab  The Scheduling algorithm defines how load balancing and failover take place.  We will setup an “Active / Passive failover” where traveler1.curi0.us will be the defined as the active server.238 © 2013 IBM Corporation
  • 239. Configuring IBM Mobile Connect - HTTP Access ServicesThe Mode tab  Switch to the “Mode” tab and change the credential challenge type from “Mobile Connect forms challenge” to “HTTP 401 basic authorization challenge”.  As Authentification Profile choose our configured “Auth LDAP Traveler1” Profile.239 © 2013 IBM Corporation
  • 240. Configuring IBM Mobile Connect - HTTP Access ServicesThe IBM Mobility tab  By enabling the “IBM Notes Traveler integration” checkbox IBM Mobile Connect knows that requests to /traveler or /servlet/traveler are Traveler specific and will forward these requests to the defined TRAVELER servers.  Save your changes to the HTTP Service by using the “Apply” and “OK” Button.  You have to stop and restart the HTTP Service.240 © 2013 IBM Corporation
  • 241. Configuring IBM Mobile Connect - HTTP Access Services  The last setup step within IBM Mobile Connect Gatekeeper is now to create the LTPA token for Single-Sign-On between IBM Mobile Connect and the backend servers.  For that youll have to open the created Authentication Profile (double-click the entry).241 © 2013 IBM Corporation
  • 242. Configuring IBM Mobile Connect - HTTP Access Services  Double-click the entry of the profile within the list in the right pane.  Then switch to the “LTPA/SSO” tab.242 © 2013 IBM Corporation
  • 243. Configuring IBM Mobile Connect - HTTP Access Services  Define the settings for the LTPA/SSO connection.243 © 2013 IBM Corporation
  • 244. Configuring IBM Mobile Connect - HTTP Access Services  Now select the creation of new LTPA keys and enter the password “ltp4p4ssw0rd” (the password should have 6-32 characters). This key will be imported into Domino later on.  Finish the creation with “Apply” (NOT “OK”).244 © 2013 IBM Corporation
  • 245. Configuring IBM Mobile Connect - HTTP Access Services  After the creation of the LTPA keys (you wont get a confirmation dialog) youll have to export them. Select “Export to keyfile” and enter the directory path including the file name. ─ LTPA export keyfile name: /opt/ibm/ConnectionManager/ltpa.token  Click “OK” to start the export.245 © 2013 IBM Corporation
  • 246. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler246 © 2013 IBM Corporation
  • 247. Configuring Domino-SSO via LTPA token  Now youll have to import the created LTPA token into the Domino Directory for enabling Single-Sign-On between the IBM Mobile Connect Server and IBM Domino.  Switch to the “All Server Documents” view in the Domino Directory and click the button “WebCreate Web SSO Configuration”.247 © 2013 IBM Corporation
  • 248. Configuring Domino-SSO via LTPA token  Now enter a name for this token configuration, your organization, the supported DNS names and the Domino server which should use this token.248 © 2013 IBM Corporation
  • 249. Configuring Domino-SSO via LTPA token  Proceed now with importing the LTPA token. For that you have to click the button “Keys...” and select “Import WebSphere LTPA Keys”.  Enter the directory and file name of the LTPA token and confirm with “OK”.  Save and close the Notes document.249 © 2013 IBM Corporation
  • 250. Configuring Domino-SSO via LTPA token  Switch to the “All Server Documents” view in the Domino Directory. Here open the servers document.250 © 2013 IBM Corporation
  • 251. Configuring Domino-SSO via LTPA token  Goto “Internet Protocols...” => “Domino Web Engine”. Change the session authentication type to “Multiple Servers (SSO)” and select the created SSO configuration.  Save and close the document.  Restart the server.251 © 2013 IBM Corporation
  • 252. Agenda  What is IBM Mobile Connect?  Preparing the environment – Operating System, DNS, Software  Installation of DB2  Installation of IBM Mobile Connect  Configuration of IBM Mobile Connect Connection Profiles  Configuring Domino LDAP and SSL  Configuring IBM Mobile Connect SSL  Configuring IBM Mobile Connect HTTP Access Services  Configuring Domino-SSO via LTPA-Token  Configuring IBM Notes Traveler252 © 2013 IBM Corporation
  • 253. Configuring IBM Notes Traveler  Youve already completed 99% of the needed configuration. ─ Setting up HTTPS on the IBM Domino Server ─ Enabling Single-Sign-On between IBM Mobile Connect and IBM Domino  The last step to complete this setup now is configuring IBM Notes Traveler.253 © 2013 IBM Corporation
  • 254. Configuring IBM Notes Traveler  Switch to the “All Server Documents” view in the Domino Directory. Here open the servers document.254 © 2013 IBM Corporation
  • 255. Configuring IBM Notes Traveler  Switch to the “IBM Notes Traveler” tab.  Enter the full qualified internet host name of the IBM Mobile Connect server + “/traveler” as the external URL.  Save and close the Notes document.  Finished!255 © 2013 IBM Corporation
  • 256. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A256 © 2013 IBM Corporation
  • 257. Additional Notes  We only scratched the surface of both products.  You can built real cool environments with them ─ High Availability ─ Authentication ─ For a range of ICS products  Just imagine...257 © 2013 IBM Corporation
  • 258. Additional Notes258 © 2013 IBM Corporation
  • 259. Agenda  High Availability in the context of IBM Notes Traveler  Using IBM WebSphere Edge Components as Load Balancer  Using IBM Mobile Connect as Reverse Proxy  Additional Notes  Q&A259 © 2013 IBM Corporation
  • 260. Q&A  Now and here ─ Get the mic!  Later ─ Via any social media – see contact details at the beginning of this slide deck.  (Updated) Slides will be on our blogs and on SlideShare.260 © 2013 IBM Corporation
  • 261. Legal disclaimer © IBM Corporation 2013. All Rights Reserved. The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others.261 © 2013 IBM Corporation

×