Skip navigation
This discussion is archived

Mobile Access Single Server & Proxy

9851 Views 17 Replies Latest reply: Dec 3, 2009 7:26 AM by Aaron Adams RSS
1 2 Previous Next
Pierreiphone Level 1 Level 1 (25 points)
Currently Being Moderated
Sep 2, 2009 8:01 PM
So from the postings, it looks like Snow Leopard Server requires a Proxy server.
My question is: We only have a single server in our organization. What is a recommended proxy server software/hardware/etc. so we could use Mobile Access Server?
Mac OS X (10.5.1), 20" Intel iMac
  • Skrimfid Calculating status...
    Currently Being Moderated
    Sep 3, 2009 8:38 AM (in response to Pierreiphone)
    As I understand it Mobile Access Server acts as the reverse proxy for another server on your network. So to use Mobile Access Server you would need two Snow Leopard Servers, one on the edge of your network acting as the proxy and one internal that runs the services. I could be wrong but I think that's how it works.
    of many, the MacBook is my fav!, Mac OS X (10.6)
  • Joachim Frey Level 1 Level 1 (70 points)
    Currently Being Moderated
    Sep 4, 2009 4:07 AM (in response to Skrimfid)
    I don't think so.
    It should work with just on Server, which is running the proxy, too.

    JO
    MacBook Pro, Mac OS X (10.6)
  • Benzinok Calculating status...
    Currently Being Moderated
    Sep 4, 2009 7:00 AM (in response to Joachim Frey)
    I still have not found any documentation to definitely say one or two servers. Proxy Servers typically like and behave better as a stand-alone unit, but most can run on the same server. The documentation states that this is a reverse proxy server. Does this mean reverse only?

    I should have my Xserve Tuesday, and I will be testing both a single server and dual server configuration. I will also be able to make a phone call to clarify some of these issues.
  • keeperofthecheese Calculating status...
    Currently Being Moderated
    Sep 4, 2009 2:34 PM (in response to Pierreiphone)
    Full documentation is available in the Network Services Administration guide:
    http://manuals.info.apple.com/enUS/NetworkSvcsv10.6.pdf

    Chapter 9, "Working with Mobile Access Service", starting on p. 181 contains a richer explanation of the service, the benefits it provides, and when it may be useful to deploy.

    The recommended configuration is a minimum of two servers, one acting as the proxy and the second (and others) acting as origin server(s). This configuration minimizes the exposure of the origin server to the Internet and avoids complicated networking setups which can lead to TCP port conflicts. A picture of the setup would help clarify this, so I have requested such for the next revision of the document.

    It is important to note that SLS does NOT require a Mobile Access server.
    Macs. Lotsa macs. Some you've haven't seen. Yet., Mac OS X (10.6)
  • jpflager Calculating status...
    Currently Being Moderated
    Oct 6, 2009 8:28 AM (in response to Pierreiphone)
    So how do you connect to the mobile access server? It explains you connect via SSL but gives no details (path etc...). Any info is appreciated.
    Mini, Mac OS X (10.6.1)
  • gsfunkarch Calculating status...
    Currently Being Moderated
    Nov 4, 2009 8:16 PM (in response to Pierreiphone)
    One of the reasons I upgraded to SLS was the impression that it could host mobile access. Now that I discover it requires two servers I feel that Apple's advertising was misleading.

    Has anyone figured out how to do this with one server?
    Mac Pro, Mac OS X (10.5), Server / Workstation
  • Some Dude Level 1 Level 1 (55 points)
    Currently Being Moderated
    Nov 4, 2009 8:39 PM (in response to gsfunkarch)
    Not only have I not figured out how to do it with 1 server, I can't get it working with 2!!! That document that everyone references is complete crap...it should give concrete examples, with diagrams, etc. One example use case would be the proxy MAS in the DMZ, with public IP, proxying back to an internal server behind the firewall running all the important services (web,mail,cal,address book)...with exact examples of everything from each IP, hostname, port access, etc. Wouldn't be hard to write this, get on the stick Apple, geessh! Another use case could be both servers on the internal network. Another use case could be combining functions and doing it all on 1 server (if this is indeed possible and supported).

    I work in IT, as an engineer for a software company, and the answers I seek are not out there in any form today. It is crazy that Snow Leopard has been out for 2 months and the Mobile Access Server for example is a complete black-hole. Come on Apple! If you want people to take you seriously over Microsoft servers, you need to document everything, and have helpful documented examples for people prior to launch. It's pathetic when people are paying 500 bucks after having paid 1000 for Leopard server just 1 year ago.
    MacPro 2008 3.2GHz 8-core,32GB RAM,4x1TB in a hardware RAID5, Dual 8800GT's, Mac OS X (10.6.1), Snow Leopard Server
  • ebrind Level 1 Level 1 (15 points)
    Currently Being Moderated
    Nov 12, 2009 4:35 PM (in response to jpflager)
    Below is what I did to get Mobile Access to work with 1 Server.

    The link was simply https://subdomain.yourdomain.com

    Please keep in mind you have to forward the ports you have setup in Mobile Access if you have a router or firewall in front of your server.

    In my case I forwarded ports 443 and the ports i used for Address Book, iCal and Mail in the Server Admin section of Mobile Access.

    If you are going to use SSL your certificate has to match your link (https://subdomain.yourdomain.com) without the the https://

    The other thing I had to do to get it working was create an A Record for my sub-domain at the main domain level to forward to the public IP of my server.

    Example: A (Host) Subdomain Points to: xxx.xxx.xxx.xxx

    Once I completed the above steps I was able access Mobile Access. I did get the certificate warning but this is only due to me using a self-assigned certificate. If you get a Trusted Certificate this should go away.

    Hope this helps!

    Thanks,

    ebrind
    Mac Pro, Mac OS X (10.6.2)
  • ebrind Level 1 Level 1 (15 points)
    Currently Being Moderated
    Nov 16, 2009 12:38 AM (in response to ebrind)
    Hello,

    Thought I would post an update.

    I reinstalled my server again and was able to get Mobile Access working with only opening port 443 on the router. The other ports were not needed for Mobile Access to work. Everything else still applied.

    Thanks,

    ebrind
    Mac Pro, Mac OS X (10.6.2)
  • Kostas B Calculating status...
    Currently Being Moderated
    Nov 16, 2009 1:34 AM (in response to ebrind)
    So, do we need TWO machines to accomplish the Mobile Access feature?

    Can we use a virtual machine for the proxy machine?

    Thanks

    Kostas
    Dual 1.25 PowerPC G4 - MacBook Pro 2.16, Mac OS X (10.6.2), ACMT, ACHDS
  • ebrind Level 1 Level 1 (15 points)
    Currently Being Moderated
    Nov 16, 2009 1:42 AM (in response to Kostas B)
    Hello,

    I do not believe so. It may be the preferred method of setup however mine worked straight away and I did not even have to mess with the reverse proxy settings. As soon I went to https://subdomain.mydomain.com I was redirected to:

    https://subdoamin.mydoamin.com/secureproxylogin.php?https://subdomain.mydomain.com/

    Hope this helps!

    Thanks,

    ebrind
    Mac Pro, Mac OS X (10.6.2)
  • Kostas B Level 1 Level 1 (90 points)
    Currently Being Moderated
    Nov 17, 2009 7:17 AM (in response to ebrind)
    Can you please be more specific with the procedure?

    Ive followed your instructions and did not work.

    Thanks

    Kostas
    Dual 1.25 PowerPC G4 - MacBook Pro 2.16, Mac OS X (10.6.2), ACMT, ACHDS 09
1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.