Implementation

Networking

Estimated reading: 2 minutes 244 views

In order to establish a secure connection between the MyPass Password Manager and customer repositories, the MyPass Gateway is used to proxy traffic. All traffic to the MyPass Gateway will always originate from the MyPass Password Manager and is only incoming (the MyPass Gateway will never initiate traffic to the public internet).  The MyPass Gateway can be deployed within the LAN or DMZ of a customer site and requires a secure access from the MyPass Password Manager platform.

Implementing the Requirements

For this to be achieved, the following requirements must be met to secure publish the MyPass Gateway to the MyPass Password Manager:

  1. The MyPass Gateway server needs to be provided with a PUBLIC IP ADDRESS that is presented via NAT (Network Address Translation) to the public internet.
  2. Firewall rules needs to be configured on the customer infrastructure to allow the public MyPass Password Manager IP addresses to access the MyPass Gateway Server over TLS (incoming via port 443 – TCP only) 

2.1 For MyPass Customers (102.37.104.14, 102.37.122.52, 102.37.124.197)

2.2 For PassReset Customers (102.133.232.144, 40.120.25.31, 40.120.25.105)

3. An existing (customer owned) or new web server SSL certificate must be procured and installed on the MyPass Gateway server to allow incoming SSL connections to Microsoft IIS. (e.g. gateway.customer.co.za)

4. A public DNS A-record should be created to resolve the host SSL certificate name to the public NAT IP address of the MyPass Gateway server (e.g. gateway.customer.co.za -> 41.32.4.123)

Validating the Network Requirements

Once all the above-mentioned requirements have been successfully implemented, communications between the MyPass Password Manager and the MyPass Gateway server can be validated. In order for us to assist you with the, please email you Project Manager or create a support request by emailing [email protected].

Share this Doc

Networking

Or copy link

CONTENTS