1 2 Previous Next 17 Replies Latest reply: Dec 3, 2009 7:26 AM by Aaron Adams
Pierreiphone Level 1 Level 1 (25 points)
So from the postings, it looks like Snow Leopard Server requires a Proxy server.
My question is: We only have a single server in our organization. What is a recommended proxy server software/hardware/etc. so we could use Mobile Access Server?

Mac OS X (10.5.1), 20" Intel iMac
  • 1. Re: Mobile Access Single Server & Proxy
    Skrimfid Level 1 Level 1 (5 points)
    As I understand it Mobile Access Server acts as the reverse proxy for another server on your network. So to use Mobile Access Server you would need two Snow Leopard Servers, one on the edge of your network acting as the proxy and one internal that runs the services. I could be wrong but I think that's how it works.
  • 2. Re: Mobile Access Single Server & Proxy
    Pierreiphone Level 1 Level 1 (25 points)
    Awww man..really! thanks for the reply.
  • 3. Re: Mobile Access Single Server & Proxy
    Joachim Frey Level 1 Level 1 (70 points)
    I don't think so.
    It should work with just on Server, which is running the proxy, too.

    JO
  • 4. Re: Mobile Access Single Server & Proxy
    Benzinok Level 1 Level 1 (0 points)
    I still have not found any documentation to definitely say one or two servers. Proxy Servers typically like and behave better as a stand-alone unit, but most can run on the same server. The documentation states that this is a reverse proxy server. Does this mean reverse only?

    I should have my Xserve Tuesday, and I will be testing both a single server and dual server configuration. I will also be able to make a phone call to clarify some of these issues.
  • 5. Re: Mobile Access Single Server & Proxy
    keeperofthecheese Level 1 Level 1 (90 points)
    Full documentation is available in the Network Services Administration guide:
    http://manuals.info.apple.com/enUS/NetworkSvcsv10.6.pdf

    Chapter 9, "Working with Mobile Access Service", starting on p. 181 contains a richer explanation of the service, the benefits it provides, and when it may be useful to deploy.

    The recommended configuration is a minimum of two servers, one acting as the proxy and the second (and others) acting as origin server(s). This configuration minimizes the exposure of the origin server to the Internet and avoids complicated networking setups which can lead to TCP port conflicts. A picture of the setup would help clarify this, so I have requested such for the next revision of the document.

    It is important to note that SLS does NOT require a Mobile Access server.
  • 6. Re: Mobile Access Single Server & Proxy
    Pierreiphone Level 1 Level 1 (25 points)
    Thank you everyone for your help!
    I guess we'll have to save up for another Snow Leopard server and hardware.
  • 7. Re: Mobile Access Single Server & Proxy
    jpflager Level 1 Level 1 (0 points)
    So how do you connect to the mobile access server? It explains you connect via SSL but gives no details (path etc...). Any info is appreciated.
  • 8. Re: Mobile Access Single Server & Proxy
    gsfunkarch Level 1 Level 1 (0 points)
    One of the reasons I upgraded to SLS was the impression that it could host mobile access. Now that I discover it requires two servers I feel that Apple's advertising was misleading.

    Has anyone figured out how to do this with one server?
  • 9. Re: Mobile Access Single Server & Proxy
    Some Dude Level 1 Level 1 (55 points)
    Not only have I not figured out how to do it with 1 server, I can't get it working with 2!!! That document that everyone references is complete crap...it should give concrete examples, with diagrams, etc. One example use case would be the proxy MAS in the DMZ, with public IP, proxying back to an internal server behind the firewall running all the important services (web,mail,cal,address book)...with exact examples of everything from each IP, hostname, port access, etc. Wouldn't be hard to write this, get on the stick Apple, geessh! Another use case could be both servers on the internal network. Another use case could be combining functions and doing it all on 1 server (if this is indeed possible and supported).

    I work in IT, as an engineer for a software company, and the answers I seek are not out there in any form today. It is crazy that Snow Leopard has been out for 2 months and the Mobile Access Server for example is a complete black-hole. Come on Apple! If you want people to take you seriously over Microsoft servers, you need to document everything, and have helpful documented examples for people prior to launch. It's pathetic when people are paying 500 bucks after having paid 1000 for Leopard server just 1 year ago.
  • 10. Re: Mobile Access Single Server & Proxy
    ebrind Level 1 Level 1 (15 points)
    Below is what I did to get Mobile Access to work with 1 Server.

    The link was simply https://subdomain.yourdomain.com

    Please keep in mind you have to forward the ports you have setup in Mobile Access if you have a router or firewall in front of your server.

    In my case I forwarded ports 443 and the ports i used for Address Book, iCal and Mail in the Server Admin section of Mobile Access.

    If you are going to use SSL your certificate has to match your link (https://subdomain.yourdomain.com) without the the https://

    The other thing I had to do to get it working was create an A Record for my sub-domain at the main domain level to forward to the public IP of my server.

    Example: A (Host) Subdomain Points to: xxx.xxx.xxx.xxx

    Once I completed the above steps I was able access Mobile Access. I did get the certificate warning but this is only due to me using a self-assigned certificate. If you get a Trusted Certificate this should go away.

    Hope this helps!

    Thanks,

    ebrind
  • 11. Re: Mobile Access Single Server & Proxy
    ebrind Level 1 Level 1 (15 points)
    Hello,

    Thought I would post an update.

    I reinstalled my server again and was able to get Mobile Access working with only opening port 443 on the router. The other ports were not needed for Mobile Access to work. Everything else still applied.

    Thanks,

    ebrind
  • 12. Re: Mobile Access Single Server & Proxy
    Kostas B Level 1 Level 1 (90 points)
    So, do we need TWO machines to accomplish the Mobile Access feature?

    Can we use a virtual machine for the proxy machine?

    Thanks

    Kostas
  • 13. Re: Mobile Access Single Server & Proxy
    ebrind Level 1 Level 1 (15 points)
    Hello,

    I do not believe so. It may be the preferred method of setup however mine worked straight away and I did not even have to mess with the reverse proxy settings. As soon I went to https://subdomain.mydomain.com I was redirected to:

    https://subdoamin.mydoamin.com/secureproxylogin.php?https://subdomain.mydomain.com/

    Hope this helps!

    Thanks,

    ebrind
  • 14. Re: Mobile Access Single Server & Proxy
    Kostas B Level 1 Level 1 (90 points)
    Can you please be more specific with the procedure?

    Ive followed your instructions and did not work.

    Thanks

    Kostas
1 2 Previous Next