Perimeter Server Considerations
Refer to the following considerations when configuring or editing
a perimeter server definition:
- If you change the perimeter server associated with an adapter, stop and restart the adapter to implement the change.
- If you change a more secure perimeter server configuration, you may need to restart the engine that uses the perimeter server before the changes are enabled.
- For a perimeter server installed in a less secure zone, the value of the parameter called restricted in the remote_perimeter.properties is set to false by default. Do not change it.
- Before changing a remote perimeter server configuration, first stop all adapters that are using that perimeter server. If you save changes to a perimeter server definition without stopping the adapters that use the perimeter server, errors may occur, the adapters are stopped, and any sessions that are active are stopped. You will be unable to restart these adapters. First stop and restart the remote perimeter server that is used by the adapter and then restart the adapters.
- To change the listen port, outbound port range, or perimeter server that a Connect:Direct® adapter uses, stop the adapter, make the necessary changes, and enable the adapter.
- If you experience a connection failure, refer to the perimeter server log for additional error information.
- Some configuration issues exist when using two NIC cards configured
with one remote perimeter server. When configuring client software,
be sure to identify the correct IP address based on the definition
of the external network interface.
When configuring the client software, make sure to use the IP address defined for the external network interface. When using the host name, make sure the host name refers to the IP address specified during the network interface configuration. If not, use the IP address only.
- If you change the value of a Sterling External Authentication Server perimeter server in an adapter from local to a more secure configuration, restart the perimeter server or the Secure Proxy engine.
- The remote_perimeter.properties file should not be modified except in special circumstances. If you have modified this file and are upgrading your perimeter server from Secure Proxy 3.1.01 Perimeter Server to Secure Proxy 3.4.1 Perimeter Server, the changes are overwritten. If it is necessary to keep the modifications to this file, save the remote_perimeter.properties file to a safe location for future reference before upgrading.