Configure and deploy an access application
Select an application that you want to securely access outside of your enterprise network. For example, try Sharepoint, SAP, Jira, Jenkins, or Confluence. Once created, you can search Enterprise Application Access for an application's name.
-
Log in to Enterprise Center.
-
In the Enterprise Center navigation menu, select Application Access > Applications > Applications.
-
Click Add Application (+).
-
Enter type, application name, and an optional description.
-
Click Add Application.
The application configuration page opens.
Next, configure access parameters for your application.
Configure access parameters for an application
To manage access to your applications configure access parameters such as the server's private IP address or fully qualified domain name, whether your server runs HTTPS or HTTP, add external domain certificate, origin server certificate for HTTPS traffic, and the nearest cloud zone for an application. For more information on specific application types, see Configure and deploy a remote desktop (RDP) application and Configure and deploy a SSH application.
You see a DRAFT VERSION next to the application name, until you deploy it.
-
Log in to Enterprise Center.
-
In the Enterprise Center navigation menu, select Application Access > Applications > Applications.
-
Click your access application to open it and configure the following:
-
Akamai Cloud Zone. Select a cloud zone located closest to the data-center where your application resides.
-
External Host. Provide an external host name for the application where the users can access the application. You can use your own domain or provide an Akamai domain.
-
-
Select and configure one of the following:
-
If you select Use Akamai domain, provide a URL, for example:
https://sample-web-app.go.akamai-access.com
.
If you use the Akamai domain, you don't need to configure a certificate. -
If you select Use your domain, provide your own domain.
If you use your own domain, you need to add a certificate and associate the certificate for your own domain and set up a CNAME redirect for the application.
-
-
If you are configuring a VNC application, optionally enter a VNC passphrase or password, if your server is configured to allow access via VNC.
-
You can also, optionally configure an application category.
-
To add connectors to the application go to Connectors.
-
Click Associate connector. Select one or more connectors and click Associate.
To remove a connector, click Disassociate next to it.
The associated connector appears in Connectors.The connectors should run when you deploy the application.
-
In the Server Settings configure the following for Application Server IP/FQDN:
-
Protocol. Choose https (default) for secure web traffic or http for http traffic.
-
Host: Port. Enter a valid internal IP address for the server or the fully qualified domain name (FQDN) that you use to access this web server when inside your company's network. Also enter an IP port number.
-
If no port is specified, port
443
is the default port. Check the preview to make sure it's okay.
To configure multiple applications servers for load balancing, click Add New Server (+) . Enterprise Application Access supports various load balancing techniques including round-robin, session or cookie stickiness, and source IP hash in Advanced Settings.
For origin server certificate validation, you must provide an FQDN for the Application server. It cannot be done with an IP address of the app server.
You can validate the authenticity of the origin server within the data center perform with the EAA connector.
-
Verify Origin Server Certificate (off-by-default). Allows you to do the origin server certificate validation. (recommended). Also select a root CA certificate.
If you disable Verify Origin Server Certificate, a warning message appears. -
ROOT CA Certificate. Choose the root CA certificate with the full bundle you uploaded into Enterprise Application Access. See Upload a ROOT CA certificate for origin server validation.
If you enable Verify Origin Server Certificate and do not upload a ROOT CA Certificate, a warning message appears.
Next, add authentication to the application.
-
In Authentication enable Authentication.
-
In Identity provider, select an identity provider from the list.
-
Click Assign Directory and select one or more directories from the list.
-
Click Associate.
The directory appears in Assigned Directories. -
In Access enable Access.
-
To create a new rule, click Add Rule (+).
-
To edit an existing rule, click Edit Rule.
A modal window appears.
-
-
In Rule Name enter a name for the rule and click Add.
-
In Type select Time.
-
In Operator select either
is
oris not
. -
In Value enter the value, if applicable, or select the value for the access control type.
-
Click Time to configure the time-based settings.
-
In Start Time and End Time enter a time in hh:mm, AM-PM format.
-
In time zone select a timezone.
-
Select the days of the week that you want to deny access.
-
-
Click Save.
-
You can optionally configure the following settings for your access application:
-
Services. Add any services like compression, URL rewrite rules, ICAP, URL path-based policies.
-
Advanced Settings. You can optionally configure advanced settings:
-
If Application-facing authentication mechanism is SAML 2.0., also configure SAML Settings.
-
If Application-facing authentication mechanism is WS-Federation, also configure WS-Federation Settings.
-
If Application-facing authentication mechanism is Open ID Connect 1.0., also configure OpenID.
-
-
In History leave default configuration and click Save.
Next, deploy your application.
Deploy the application
-
Log in to Enterprise Center.
-
In the Enterprise Center navigation menu, select Application Access > Applications > Applications.
-
Select your application to deploy.
It has Ready for Deployment status. -
Click the Deploy Application.
Pending Changes appears. All the pending deployment changes are shown. Make sure that application you just configured is selected. If you select any other application, they are simultaneously deployed. -
Click Deploy and add a Deploy Confirmation message in the dialog box, and click Deploy.
The deployment may take several minutes to complete. When it's ready, the completed deployment flow and App Deployed appear.
When deployed, your application is ready for secure access by your users.
Next, to see your application as user does, log in and access applications in the Login Portal.
Updated about 1 year ago