1.1 Protecting Access Manager Appliance through Firewall

Access Manager Appliance should be used with firewalls. Figure 1-1 illustrates a simple firewall setup for a basic Access Manager Appliance configuration.

Figure 1-1 Access Manager Appliance and Firewall

1.1.1 Access Manager Appliance in DMZ

First Firewall: If you place a firewall between browsers and Access Manager Appliance, you need to open ports so that browsers can communicate with Access Gateway and Identity Server, and so that Identity Server can communicate with other identity providers.

For information about the ports that must be opened in the first firewall, see First Firewall in the NetIQ Access Manager Appliance 4.3 Installation and Upgrade Guide.

Second Firewall: The second firewall separates web servers, LDAP servers, Analytics Server, and Administration Console from Identity Server and Access Gateway.

For information about the ports that must be opened in the second firewall, see Second Firewall in the NetIQ Access Manager Appliance 4.3 Installation and Upgrade Guide.

You need to open ports on the second firewall according to the offered services.