Applies To:
Show VersionsBIG-IP APM
- 13.1.1, 13.1.0
About AAA OAM server configuration
You can configure only one AAA OAM server, but it can support multiple AccessGates from the same access server. When you create a AAA OAM server, its transport security mode must match the setting in the OAM access server.
Task summary for integrating Access Policy Manager with OAM
Before you begin
Before you start to integrate Access Policy Manager® with OAM, configure the Access Server and AccessGates through the Oracle Access administrative user interface. Refer to Oracle® Access Manager Access Administration Guide for steps.
Task list
Follow these steps to integrate Access Policy Manager with a supported OAM server.
Importing AccessGate files when transport security is set to cert
Creating an AAA OAM server
Adding AccessGates to the OAM AAA server
Creating a virtual server
Troubleshooting tips
You might run into problems with the integration of Access Policy Manager® and OAM in some instances. Follow these tips to try to resolve any issues you might encounter.
Troubleshooting tips for initial configuration
You should | Steps to take |
---|---|
Check network connectivity | Ping the OAM Access Server from the BIG-IP system. |
Test without OAM support enabled first | Before you test with OAM support enabled, make sure that the BIG-IP system has basic
connectivity to protected applications.
|
Check the configuration for accuracy |
|
Additional troubleshooting tips
You should | Steps to take |
---|---|
Verify access | OAM provides tools for the administrator to test how access policies respond to various requests. Use the Access Tester to test access policies with given identities and for given users. This tool can be helpful in determining whether the access provided by BIG-IP system is consistent with the policies configured under OAM. |
Resolve sudden problems | Changes that have been made on the OAM server can cause mismatches on the BIG-IP
system due to a configuration cache that is kept on the BIG-IP system. To resolve this
problem, delete the cache configuration file of the corresponding AccessGate configuration.
|
Check logs | Enable and review the log files on the BIG-IP system.
|