That’s why it doesn’t work. ☺ And the address for adfs.brgeneral.org resolves to the correct (internal) IP right? Try the command again with the addition of -traceroute and see what it tells you.
It’s definitely a routing/firewall/NAT type issue; once the test-netconnection succeeds the ADFS proxy setup will work.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: [email protected] [mailto:[email protected]] On Behalf Of Todd Lemmiksoo
Sent: Wednesday, December 10, 2014 11:02 AM
To: [email protected]
Subject: Re: [NTSysADM] ADFS Proxy configuration issue

Failed :

PS C:\Users\Administrator> test-netconnection adfs.brgeneral.org -port 443
WARNING: Ping to adfs.brgeneral.org failed -- Status: TimedOut
WARNING: TCP connect to adfs.brgeneral.org:443 failed

ComputerName           : adfs.brgeneral.org
RemoteAddress          : xx.xx.xx.xx
RemotePort             : 443
InterfaceAlias         : BB_DMZ
SourceAddress          : xx.xx.xx.xx
PingSucceeded          : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : False

Todd

On Wed, Dec 10, 2014 at 9:27 AM, Damien Solodow <[email protected]> wrote:

Try this from the proxy:

Test-Netconnection adfs.url -port 443

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: [email protected] [mailto:[email protected]] On Behalf Of Todd Lemmiksoo
Sent: Wednesday, December 10, 2014 9:54 AM
To: [email protected]
Subject: Re: [NTSysADM] ADFS Proxy configuration issue

Yes, on using the hosts file to point to the ADFS url. But that ip is on the Netscaler inside interface for load balancing..

On Wed, Dec 10, 2014 at 8:46 AM, Damien Solodow <[email protected]> wrote:

What IP does your ADFS proxy show for the ADFS url? It needs to show the “internal” IP of the ADFS farm, so you may need to edit your hosts file.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: [email protected] [mailto:[email protected]] On Behalf Of Todd Lemmiksoo
Sent: Wednesday, December 10, 2014 9:42 AM
To: [email protected]
Subject: [NTSysADM] ADFS Proxy configuration issue

I am in the process of setting up ADFS authentication for our migration to Office 365. I have ADFS working internally. The Proxy setup is not working, cannot connect to the server error. Setup is Internet to Firewall to Netscaler to ADFS Proxy servers in DMZ to Netscaler to server Lan ADFS servers. All ADFS servers are Server 2012R2. When I run the Proxy configuration on the ADFS Proxy server it errors out with not being able to connect to the internal ADFS server. The DMZ is configured to allow port 443 access to/from the ADFS servers. Does anyone have a similar configuration that works. PS>>>>this is the configuration suggested by our contractors for design.

--
T. Todd Lemmiksoo
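
The checks discussed in this thread (hosts-file override, effective name resolution, TCP 443 reachability, route trace) collected into one script to run on the ADFS proxy. This is an added example, not part of the original messages; $FsName and $ExpectedIp are placeholder values to replace with the federation service name and the internal address it is supposed to resolve to.

```powershell
# Added example (not from the thread). Run on the ADFS proxy in the DMZ.
param(
    [string]$FsName     = 'adfs.example.org',  # placeholder federation service name
    [string]$ExpectedIp = '10.0.0.10'          # placeholder internal ADFS address
)

# 1. Active (non-comment) hosts file entries that mention the name.
$hostsPath  = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$namePat    = '\s' + [regex]::Escape($FsName) + '(\s|$)'
$hostsLines = @(Get-Content $hostsPath |
    Where-Object { $_ -notmatch '^\s*#' -and $_ -match $namePat })

# 2. Address the OS resolver hands to applications (hosts file included).
try   { $effective = @([System.Net.Dns]::GetHostAddresses($FsName) |
                       ForEach-Object { $_.IPAddressToString }) }
catch { $effective = @() }

# 3. Address DNS alone returns, ignoring the hosts file.
$dnsOnly = @(Resolve-DnsName $FsName -Type A -NoHostsFile -ErrorAction SilentlyContinue |
    Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })

# 4. TCP 443 from this machine to whatever the name resolved to.
$tcp = Test-NetConnection -ComputerName $FsName -Port 443 -WarningAction SilentlyContinue

# 5. Only on failure: trace the path. -TraceRoute is ICMP-based and is issued
#    as its own call; hops that drop ICMP show up as 0.0.0.0.
$hops = @()
if (-not $tcp.TcpTestSucceeded) {
    $trace = Test-NetConnection -ComputerName $FsName -TraceRoute -WarningAction SilentlyContinue
    $hops  = @($trace.TraceRoute)
}

# Summary: a mismatch in ResolvesToExpected points at the hosts file or DNS;
# a correct address with Tcp443 = False points at routing, firewall or NAT.
[pscustomobject]@{
    Name               = $FsName
    HostsFileEntries   = $hostsLines -join '; '
    ResolvesTo         = $effective -join ', '
    DnsOnly            = $dnsOnly -join ', '
    ResolvesToExpected = $effective -contains $ExpectedIp
    InterfaceAlias     = $tcp.InterfaceAlias
    Tcp443             = $tcp.TcpTestSucceeded
    TraceHops          = $hops -join ' -> '
} | Format-List
```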

