ADFS / WAP Question

  • Question

  • OK... This is the configuration I have done from within Azure for our ADFS environment. I understand there is Azure AD, etc., but this is the route I can go.

    All servers are running 2012 R2 and I am using a wildcard cert.

    I have two Web Application Proxy Servers and configured an internal load balancer for them in Azure.  All 3 items are behind a firewall that is NATing 443 to the load balancer.

    Two ADFS servers configured with a load balancer.

    DNS internal points to the ADFS load balancer.

    DNS external NATs to the WAP Load balancer.

    If I browse to the test address for ADFS internally the page comes up fine.

    If I access externally it does not.

    How can I confirm the proxies are doing their job internally before I start to investigate this from an external perspective?

    Tuesday, October 25, 2016 11:00 PM

Answers

  • You can create a HOSTS entry on your test machine and connect to your ADFS. Of course, you make your entry pointing to the proxy as opposed to the ADFS server.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Marked as answer by AhmadtheITGuy Wednesday, October 26, 2016 2:04 PM
    Wednesday, October 26, 2016 1:45 PM
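
The HOSTS-entry check described in the answer above, as an added PowerShell example that is not part of the original thread. The federation service name, the WAP address and the test page path are placeholder assumptions; run it from an elevated prompt on an internal test machine.

```powershell
# Added example: temporarily point the federation name at a WAP address via the
# HOSTS file, request the AD FS test page through the proxy, then restore the file.
# All values below are placeholders (assumptions), not values from the thread.
$FederationName = 'sts.example.com'                   # federation service name
$WapAddress     = '10.0.1.10'                         # WAP node or WAP load balancer IP
$TestPath       = '/adfs/ls/IdpInitiatedSignOn.aspx'  # commonly used AD FS test page

$HostsFile = "$env:SystemRoot\System32\drivers\etc\hosts"
$Backup    = "$HostsFile.wap-test.bak"

# Keep a copy so the original HOSTS file is restored even if the test fails.
Copy-Item -Path $HostsFile -Destination $Backup -Force
try {
    # Basic reachability first: is anything listening on 443 at the WAP address?
    $tcp = Test-NetConnection -ComputerName $WapAddress -Port 443
    "TCP 443 to $WapAddress reachable: $($tcp.TcpTestSucceeded)"

    # Override name resolution for this machine only, then flush the DNS cache.
    Add-Content -Path $HostsFile -Value "`r`n$WapAddress`t$FederationName"
    Clear-DnsClientCache

    try {
        # The request uses the real host name, so the wildcard certificate and the
        # host header match what an external client would send to the proxy.
        $r = Invoke-WebRequest -Uri "https://$FederationName$TestPath" `
                               -UseBasicParsing -TimeoutSec 15
        "Via ${WapAddress}: HTTP $($r.StatusCode), $($r.RawContentLength) bytes"
    }
    catch {
        # TLS errors, timeouts and non-success status codes all land here.
        "Via ${WapAddress}: FAILED - $($_.Exception.Message)"
    }
}
finally {
    # Put the original HOSTS file back and clear the cached override.
    Copy-Item -Path $Backup -Destination $HostsFile -Force
    Remove-Item -Path $Backup -Force
    Clear-DnsClientCache
}
```

Run it once per WAP node address in a fresh PowerShell session to check each node individually instead of through the load balancer.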

All replies

  • Hi Ahmad, 

    As you have mentioned that the internal page comes up fine, the connection is reaching the ADFS server directly and not any WAP proxy, as it is an internal connection. So, with the description given, your ADFS is working fine from the internal network.


    Linus || Please mark posts as answers/helpful if it answers your question.

    Wednesday, October 26, 2016 7:11 AM
  • I'm sorry, that does not answer my question. I asked how I can test the proxy internally before I try to troubleshoot external access.

    I know the ADFS itself is working, but my question is concerning the WAP getting to ADFS.

    Wednesday, October 26, 2016 1:09 PM
  • That's perfect as it worked!
    Wednesday, October 26, 2016 2:04 PM