10.1 Installing or Updating Security Patches for the Access Gateway Appliance

To get the latest security updates for Access Gateway Appliance, you can follow any of these options:

10.1.1 Registering to Novell Customer Center

To get the latest security updates for Access Gateway Appliance, the user must register with the Novell Customer Center by using the activation code obtained with the product:

If you face issues while using the activation code to register, see Resetting your ZEN Updater and Novell Customer Center Key Registration.

  1. Go to YaST > Support > Novell Customer Center Configuration.

  2. Select Configure Now (Recommended). In addition to the options that are selected by default, select Registration Code.

  3. Click Next.

    The Manual Interaction Required screen appears. It might take a few minutes to connect to the server.

    This screen indicates that to activate the product, you must provide a valid e-mail ID associated with the Novell account and the activation code.

  4. Click Continue.

  5. To specify the e-mail address, activation code and system name in the relevant fields:

    1. Select the relevant option, then press Enter. A text field appears in the bottom left corner of the screen.

    2. Specify value for the selected option in this text field, then press Enter to return to the screen.

    3. Repeat these steps for each field.

  6. Click Submit after you have specified all the relevant information to complete the registration.

  7. Enter Q to close the window.

  8. Enter Y at the prompt.

    The Manual Interaction Required screen is displayed. It indicates that the software repositories are created. You will receive a message from the Novell Customer Center Configuration indicating that the configuration was successful.

  9. Click OK to return to YaST Control Center.

  10. Click Quit to exit YaST.

  11. Open a shell prompt and specify the following command to verify if the repository named NAM4x-APP-Updates was created:

                    zypper lr

    An output similar to the following appears

    # | Alias                                | Name
| Enabled | Refresh
--+--------------------------------------+-----------------------------------
1 | NetIQAccessGatewayAppliance-4.x.x-x | NetIQAccessGatewayAppliance-4.x.x-x | Yes     | No
2 | nu_novell_com:NAM4x-APP-Updates      | NAM4x-APP-Updates
| Yes     | Yes

  12. Run the zypper up command to install the patches

  13. After the patches are installed, restart the machine.

  14. Confirm that all the patches are installed by running zypper up command again.

10.1.2 Configuring Subscription Management Tool for The Access Gateway Appliance

Access Gateway Appliance can be configured to register against local Subscription Management Tool (SMT) server and download software updates from there instead of communicating directly with the Novell Customer Center and the NU servers.

To use an SMT server for client registration and as a local update source, you must configure the SMT server in your network first. The SMT server software is distributed as an add-on for SUSE Linux Enterprise Server. For information about configuring the SMT server, see Subscription Management Tool (SMT) for SUSE Linux Enterprise 11.

The following sections describe the configuration required for Access Gateway Appliance:

SMT Configuration

You must configure the SMT server and set up subscription for NAM4x-APP-Updates channel to receive the updates for Access Gateway Appliance.

  1. Install the SMT server in a SLES 11 SP4 Server. For more information, see Subscription Management Tool (SMT) for SUSE Linux Enterprise 11.

  2. Log in to you Novell Customer Center account.

  3. Select My Products > Mirroring Credentials, then click Generate Credentials.

  4. Copy the mirroring credentials before logging out of your Novell Customer Center account.

  5. Run the SMT Configuration tool from YAST, then specify the mirroring credentials.

  6. Run the SMT Management tool.

    The NAM4x-APP-Updates, sle-11-x86_64 repository is displayed in the Repositories tab.

  7. Select sle-11-x86_64, then click Toggle Mirroring to ensure mirroring is selected for this repository.

  8. Click Mirror Now. This step ensures that the NAM4x-APP-Updates channel updates are mirrored from nu.novell.com to your local SMT server.

  9. When mirroring is complete, click OK to close the tool.

Configuring Access Gateway Appliance

  1. Copy /usr/share/doc/packages/smt/clientSetup4SMT.sh from the SMT server to the client machine.

    You can use this script to configure a client machine to use the SMT server or to reconfigure it to use a different SMT server.

  2. Specify the following command as root to execute the script on the client machine:

    ./clientSetup4SMT.sh --host server_hostname

    For example,

    ./clientSetup4SMT.sh --host smt.example.com.

    You can get the SMT server URL by running the SMT Configuration tool at the server. The URL is set by default.

  3. Enter y to accept the CA certificate of the server.

  4. Enter y to start the registration.

  5. The script performs all necessary modifications on the client.

  6. Execute the following command to perform registration:

    suse_register

  7. Specify the following command to get online updates from the local SMT server:

    zypper up

  8. Reboot the machine if prompted at the end of any patch install.

  9. Confirm that all the patches are installed by running zypper up command again.