So from the postings, it looks like Snow Leopard Server requires a Proxy server.
My question is: We only have a single server in our organization. What is a recommended proxy server software/hardware/etc. so we could use Mobile Access Server?
As I understand it Mobile Access Server acts as the reverse proxy for another server on your network. So to use Mobile Access Server you would need two Snow Leopard Servers, one on the edge of your network acting as the proxy and one internal that runs the services. I could be wrong but I think that's how it works.
I still have not found any documentation to definitely say one or two servers. Proxy Servers typically like and behave better as a stand-alone unit, but most can run on the same server. The documentation states that this is a reverse proxy server. Does this mean reverse only?
I should have my Xserve Tuesday, and I will be testing both a single server and dual server configuration. I will also be able to make a phone call to clarify some of these issues.
Chapter 9, "Working with Mobile Access Service", starting on p. 181 contains a richer explanation of the service, the benefits it provides, and when it may be useful to deploy.
The recommended configuration is a minimum of two servers, one acting as the proxy and the second (and others) acting as origin server(s). This configuration minimizes the exposure of the origin server to the Internet and avoids complicated networking setups which can lead to TCP port conflicts. A picture of the setup would help clarify this, so I have requested such for the next revision of the document.
It is important to note that SLS does NOT require a Mobile Access server.
One of the reasons I upgraded to SLS was the impression that it could host mobile access. Now that I discover it requires two servers I feel that Apple's advertising was misleading.
Has anyone figured out how to do this with one server?
Not only have I not figured out how to do it with 1 server, I can't get it working with 2!!! That document that everyone references is complete crap...it should give concrete examples, with diagrams, etc. One example use case would be the proxy MAS in the DMZ, with public IP, proxying back to an internal server behind the firewall running all the important services (web,mail,cal,address book)...with exact examples of everything from each IP, hostname, port access, etc. Wouldn't be hard to write this, get on the stick Apple, geessh! Another use case could be both servers on the internal network. Another use case could be combining functions and doing it all on 1 server (if this is indeed possible and supported).
I work in IT, as an engineer for a software company, and the answers I seek are not out there in any form today. It is crazy that Snow Leopard has been out for 2 months and the Mobile Access Server for example is a complete black-hole. Come on Apple! If you want people to take you seriously over Microsoft servers, you need to document everything, and have helpful documented examples for people
prior to launch. It's pathetic when people are paying 500 bucks after having paid 1000 for Leopard server just 1 year ago.
The other thing I had to do to get it working was create an A Record for my sub-domain at the main domain level to forward to the public IP of my server.
Example: A (Host) Subdomain Points to: xxx.xxx.xxx.xxx
Once I completed the above steps I was able access Mobile Access. I did get the certificate warning but this is only due to me using a self-assigned certificate. If you get a Trusted Certificate this should go away.
I reinstalled my server again and was able to get Mobile Access working with only opening port 443 on the router. The other ports were not needed for Mobile Access to work. Everything else still applied.
I do not believe so. It may be the preferred method of setup however mine worked straight away and I did not even have to mess with the reverse proxy settings. As soon I went to
https://subdomain.mydomain.com I was redirected to: