Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Office365 & using STM as a ADFS 3.0 Reverse Proxy Replacement

SysAdmin@FMC
Not applicable
‎11-18-2015 11:26:PM
‎11-18-2015 11:26:PM

Office365 & using STM as a ADFS 3.0 Reverse Proxy Replacement

Trying to configure a VS to decrypt an ADFS SAML Internet request as part of an Office365 login process, then encrypt and forward onto an Internal ADFS server, so in esence replacing the ADFS Proxy service.

 

I am getting a 500 Response error and an incorrect Content Type (text/html) being returned.

 

But if I configure the VS not to decrypt the SSL and use the SSL(HTTPS) protocol, then the SAML authentication process works.

 

But what I was wanting to acheive was to be able to decrypt and then interegate the SAML requests and direct to approriate pools.

 

Has anybody been able to do this?

0 Kudos
1 REPLY 1
Tony Watkins
Not applicable
‎12-15-2015 03:36:AM
‎12-15-2015 03:36:AM

Re: Office365 & using STM as a ADFS 3.0 Reverse Proxy Replacement

Hi,

 

We are doing the pass-through version without the decryption and as you mention it does seem to authenticate ok.  Butto add to the problems, even with this working, setting up health monitoring for the proxies is proving difficult.

 

I've tried simple ping, tcp connect and even http monitor to the https://<servname>/federationmetadata/2007-06/federationmetadata.xml url without much success.

 

The two former methods work until around 8:10 am then fail and don't auto recover in spite of visits to the metadata url still succeeding.

 

Using the url just fails pretty much straight away.  I'm not sure if this relates to the MIME type of application/samlmetadata+xml in some way?  Restarting a traffic manager fixes it - but it's far from ideal.

 

Sorry for hijacking your question - but perhaps the 500 Content Type (txt/html) does tie in with the application/samlmetadata+xml MIME type?

 

Thanks

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.