• Downloads
• Configuring IF-MAP Client Settings on the Infranet Controller (NSM Procedure)    

• Related Topics
• Configuring IF-MAP Server Settings on the Infranet Controller (NSM Procedure)
• Configuring IF-MAP Session Export Policy on the Infranet Controller (NSM Procedure)
• Configuring IF-MAP Session Import Policy on the Infranet Controller (NSM Procedure)
• Configuring IF-MAP Server Replicas (NSM Procedure)

Configuring IF-MAP Client Settings on the Infranet Controller (NSM Procedure)

You must identify the IF-MAP server to each Infranet Controller and SA appliance IF-MAP client. To add the server, you specify the IF-MAP URL of the server and how to authenticate to the server. Match the URL and security settings to equal those on the IF-MAP server(s) to which the IF-MAP client will connect.

To configure IF-MAP client settings on the Infranet Controllers or SA appliances that will be IF-MAP clients:

1. In the NSM navigation tree, select Device Manager > Devices.
2. Click the Device Tree tab, and then double-click the Infranet Controller for which you want to configure IF-MAP client settings.
3. Click the Configuration tab. In the configuration tree, select System > IF–MAP Federation > Overview.
4. From the IF-MAP Configuration list, select IF-MAP Client.
5. Type the server URL for the IF-MAP Web service on the IF-MAP server. For a Juniper IF-MAP server, use:

   https://<FQDN>/dana-ws/soap/dsifmap

   FQDN is the fully qualified domain name of the replica's internal or external interface; for a cluster, the FQDN of the internal or external VIP should be used.

6. Under Authentication Type, select the Client Authentication Method: Basic or Certificate.
   • If you select Basic, enter a username and password. The same information should be added to the IF-MAP server.
   • If you select Certificate, select the device certificate to use.
   • Ensure that the certificate of the CA that signed the IF-MAP server certificate is added from the System > Configuration > Certificates > Trusted Server CAs page.

     The IF-MAP client validates the IF-MAP server certificate: if validation fails, the connection fails. Ensure that the hostname in the IF-MAP URL on the client machine matches the hostname of the server certificate on the IF-MAP server, and that the CA that signed the server certificate is configured as a trusted server CA on the IF-MAP client.

7. Click OK to save the changes.