Configuring SuSEfirewall2 on SLES 12 for Access Manager
First, create a firewall service file that lists the ports to open. The example below assumes the Administration Console and Identity Server run on the same machine; refer to the documentation to adjust as necessary.
> vi /etc/sysconfig/SuSEfirewall2.d/services/netiq-access-manager
Add this content to the file:
## Name: NetIQ Access Manager Services
## Description: Firewall Configuration file for Access Manager
# space separated list of allowed TCP ports
TCP="80 389 443 524 636 1289 1443 2443 8080 8443:8446"
# space separated list of allowed UDP ports
UDP="524"
# space separated list of allowed RPC services
RPC=""
# space separated list of allowed IP protocols
IP=""
# space separated list of allowed UDP broadcast ports
BROADCAST=""
Next, alter the Firewall configuration to perform the port forwarding.
> vi /etc/sysconfig/SuSEfirewall2
Find the line:
FW_REDIRECT=""
And change it to:
FW_REDIRECT="0/0,0/0,tcp,80,8080 0/0,0/0,tcp,443,8443"
Launch YaST Firewall and enable it. Add Secure Shell Server and NetIQ Access Manager Services to the Allowed Services for the zone you assigned to the interface. Apply the changes and test.
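The two file edits above can also be done non-interactively. The script below is an added example, not part of the original procedure or of any NetIQ tooling. The function names and the staging-prefix argument are assumptions made here so the edits can be rehearsed on a copy of /etc first, and FW_REDIRECT is changed only while it is still empty, so redirects already configured on the host are not overwritten.

```shell
#!/bin/sh
# Added example: scripted form of the two file edits described on this page.
# $1 of each function is an assumed staging prefix; use "" for the live system.
REDIRECT='0/0,0/0,tcp,80,8080 0/0,0/0,tcp,443,8443'

# Write the service definition with the content given on this page.
write_service_file() {
    dir="$1/etc/sysconfig/SuSEfirewall2.d/services"
    mkdir -p "$dir" || return 1
    cat > "$dir/netiq-access-manager" <<'EOF'
## Name: NetIQ Access Manager Services
## Description: Firewall Configuration file for Access Manager
# space separated list of allowed TCP ports
TCP="80 389 443 524 636 1289 1443 2443 8080 8443:8446"
# space separated list of allowed UDP ports
UDP="524"
# space separated list of allowed RPC services
RPC=""
# space separated list of allowed IP protocols
IP=""
# space separated list of allowed UDP broadcast ports
BROADCAST=""
EOF
}

# Returns 0 if FW_REDIRECT holds the page's value (set now or earlier),
# 1 if the file or line is missing, 2 if other redirects exist (left untouched).
set_redirect() {
    conf="$1/etc/sysconfig/SuSEfirewall2"
    grep -q '^FW_REDIRECT=' "$conf" 2>/dev/null || return 1
    current=$(sed -n 's/^FW_REDIRECT="\(.*\)"[[:space:]]*$/\1/p' "$conf")
    if [ "$current" = "$REDIRECT" ]; then return 0; fi
    if [ -n "$current" ]; then return 2; fi
    cp -p "$conf" "$conf.bak" || return 1   # keep a backup of the original
    sed "s|^FW_REDIRECT=\"\"[[:space:]]*\$|FW_REDIRECT=\"$REDIRECT\"|" "$conf.bak" > "$conf"
}
```

Enabling the firewall and adding the services to the zone still happens in YaST as described above.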