locked
ADFS 2016 Access Control Poilicies and F5 issue RRS feed

  • Question

  • HI,

    Maybe somebody can help.

    I installed and configure ADFS 2016 (TP5).  And trying to use Access Control Policies to permit access without MFA from specific network.

    The entire requests load balanced on F5 and come over WAP.

    I can get client IP Address as “X-Forwarder-For “. But in “X-MS-Forwarded-Client-IP” and “X-MS-ADFS-Proxy-Client-IP” I’m getting F5 internal IP address.

    But when I hit WAP directly I can get Client IP address and Configured Access Control Policies are working as expected.

    So is any possibility to pass client IP address through F5? 


    Monday, June 27, 2016 12:58 PM

Answers

All replies

  • Look at the SNAT feature of F5.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, July 4, 2016 2:21 PM
  • Any updates?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, July 11, 2016 1:57 PM
  • Did you ever find a solution to this problem?

    Olivier

    Thursday, November 1, 2018 12:22 AM
  • Never posted an update. If you have more details on your configuration, please open a new thread.

    There are plenty of documentation on BigIP website on NAT, SNAT, Inline configuration. Their support might be a better path for you as here we have mainly Microsoft SME.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, November 1, 2018 12:40 AM