Add and configure a TCP-type client-access application
Add a TCP-type client-access application to EAA Client and configure the parameters.
Create a TCP-type client access application and configure it with the parameters.
- From the top menu bar, click Applications.
- Click Add application.
- In the Add Custom apps area, click Client-Access app.
- Enter an application name and description. Select TCP mode (single port, port-mapping, load-balancing options) for the Type.
- Click Create App and Configure.
- Click Add icon. (optional) Add any icon for your application from the gallery.
General tab, for the Application server
IP/FQDN field, enter the IP address or fully qualified domain
name (FQDN), as well as the port of the TCP application.
Note: A TCP-type client-access application is created for every single TCP application, on a per application basis. Therefore, it needs a unique value in the application server IP/FQDN field.
In the Application host
field, enter the hostname of the client access application. This is the hostname
that the native client uses to communicate with the application or application
server. For example, if you are configuring a client like Outlook, this would be
the hostname that is associated with Outlook accounts in your organization such
mail.mydomain.com and is used to communicate with Microsoft
Exchange. Specify the same port number, as you did for the Application server
IP/FQDN. In this example, the port is 25. The EAA Client listens for traffic on this port from the user's
Note: If the application server port number is already used on your machine for running some other service, the IT administrator can choose a different port number for the internal host to avoid port collision. In this example, application host port number is set to 255 since 25 was already used by the IT administrator.Note: If the application resides on multiple servers inside your data center, you can configure a single TCP-type client-access application and have load-balancing capability for your application. Click Add more to add the additional IP/FQDNs. In this example, multiple FQDNs, 10.0.2.15:25 and 10.0.2.16:25 are specified for the application servers.
In the Endpoint host
name field enter the cloud endpoint of your application. This
is the cloud endpoint for all communications between the client access
application and Enterprise Application Access (EAA).
Additionally, choose one of these domains:
- Use your
domain. If you use your own custom domain, you must provide
a certificate configured as a complete bundle with all the subordinates
(having the full chain of trust), otherwise you will see a web-socket error.
To use an uploaded certificate, select Use uploaded
certificates and follow the steps in Add a certificate to EAA
- Use Akamai domain. If you use an Akamai domain no certificate is needed.
- Use your domain. If you use your own custom domain, you must provide a certificate configured as a complete bundle with all the subordinates (having the full chain of trust), otherwise you will see a web-socket error. To use an uploaded certificate, select Use uploaded certificates and follow the steps in Add a certificate to EAA
- Select an Akamai Cloud Zone. The cloud zone should be a geographic location that is closest to the data center where your application server resides. The Akamai Cloud Zone can be of the form Client-* like Client-US-East, Client-US-West, etc closest to the application in the data center.
Associate a connector to the
- Click Add or remove connector and select a connector from the dialog.
- Click Done.
- Click Save and go to Authentication.
- In the Authentication tab, click Assign identity provider. The identity providers that are enabled for the EAA Client appear. Select the identity provider which has the directories and groups who will access this application.
- Click Save and go to Services. The Service tab opens to let you configure these optional services
- Click Save and go to Advanced settings.
Complete the optional Advanced
Settings. See Set up advanced settings for an application.
Note: For a client-access application, the Enable websocket support option is enabled by default. This option is required to establish a tunnel from the client to the EAA cloud.Note: To provide selective access to an application to certain users, groups or specific time periods, see Access control rules.
- Click Save and go to Deployment.
- In the Deployment tab, click Deploy Application. This option is only available if all the required fields are completed for the application.