Previous Topic: Configuring a Web Server as a Reverse Proxy Server

Next Topic: Example: Configuring the Apache Web server 2.2.6 as a Reverse Proxy Server on a Red Hat Enterprise Linux 5.0

Integration GuideIntegration with RSA SecurIDConfiguring a Web Server as a Reverse Proxy ServerExample: Configuring Internet Information Services 7.0 on Windows Server 2008 as a Reverse Proxy Server

Example: Configuring Internet Information Services 7.0 on Windows Server 2008 as a Reverse Proxy Server

In this example, Steve the system administrator installed the Enterprise Management Server and Internet Information Services (IIS) 7.0 on a Windows Server 2008 with the Application Request Routing (ARR) module installed. The ARR module enables the IIS to act as a proxy server.

  1. Steve enables the IIS proxy settings on the internet Information Services server:
    1. Selects Start, Administrative Tools, internet Information Services (IIS) Manager

      The internet Information Services (IIS) Manager console opens.

    2. Selects the host from the left pane to expend the actions pane and selects the Application Request Routing Cache icon.

      The Application Request Routing Cache management console opens.

    3. Selects Server Proxy Settings from the actions pane.
    4. Marks the Enable Proxy check box and clicks Apply.

      Steve has enabled the IIS proxy settings.

  2. Steve configures the IIS to forward requests to the Enterprise Management Server:
    1. Expands the Sites menu and selects the default website.
    2. Highlights the URL Rewrite icon and selects Open Feature from the Actions menu.

      The URL Rewrite configuration console opens.

    3. Selects Add Rules from the Actions menu.

      The Add Rules window opens.

    4. Under the Inbound Rules, selects Blank Rule and clicks Ok.

      The Edit Inbound Rule configuration window opens.

    5. Specifies the rule name and selects (iam.+) from the Patterns menu.
    6. Scrolls down to the Action section and selects Rewrite from the Action type menu.
    7. Enters the CA Access Control Enterprise Management URL in the URL Rewrite filed using the following format. 
      http://enterprise_host:8080/{R:0}
    8. Clicks Apply to create the rule.

      The new inbound rule is created.

    9. Repeats steps c to h using (castyles.+) from the Patterns menu.

      Steve has configured the IIS to forward requests to the Enterprise Management Server.

  3. Steve configures RSA SecurID to secure the web server:
    1. Selects the Default Web Site in the internet Information Services (IIS) Manager console and double clicks the RSA SecurID icon.

      The RSA SecurID settings window opens.

    2. Selects the following check boxes:
      • Enables RSA SecurID Web Access Authentication Feature on This Server
      • Protect This Resource
    3. Selects apply from the Actions menu
  4. Steve configures the RSA Web Agent to enable Single Sign Off (SSO) for CA Access Control Enterprise Management
    1. Opens the regedit utility and navigates to the following location: 
      HKEY_LOCAL_MACHINE\SOFTWARE\SDTI\RSAWebAgent
    2. Creates a registry key of type DWORD under the name RSAUSERCustomHeader.
    3. Sets the registry key value to 1

    Steve has configured Internet Information Services as a reverse proxy server.