Thanks for the command to test with. The traceroute failed. Will go see our firewall guy.
On Wed, Dec 10, 2014 at 10:06 AM, Damien Solodow < [email protected]> wrote: > That’s why it doesn’t work. J > > And the address for adfs.brgeneral.org resolves to the correct (internal) > IP right? > > Try the command again with the addition of –traceroute and see what it > tells you. > > > > It’s definitely a routing/firewall/NAT type issue; once the > test-netconnection succeeds the ADFS proxy setup will work. > > > > DAMIEN SOLODOW > > Systems Engineer > > 317.447.6033 (office) > > 317.447.6014 (fax) > > HARRISON COLLEGE > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Todd Lemmiksoo > *Sent:* Wednesday, December 10, 2014 11:02 AM > *To:* [email protected] > *Subject:* Re: [NTSysADM] ADFS Proxy configuration issue > > > > Failed : > PS C:\Users\Administrator> test-netconnection adfs.brgeneral.org -port 443 > WARNING: Ping to adfs.brgeneral.org failed -- Status: TimedOut > WARNING: TCP connect to adfs.brgeneral.org:443 failed > > > ComputerName : adfs.brgeneral.org > RemoteAddress : xx.xx.xx.xx > RemotePort : 443 > InterfaceAlias : BB_DMZ > SourceAddress : xx.xx.xx.xx > PingSucceeded : False > PingReplyDetails (RTT) : 0 ms > TcpTestSucceeded : False > > Todd > > > > On Wed, Dec 10, 2014 at 9:27 AM, Damien Solodow < > [email protected]> wrote: > > Try this from the proxy: > > Test-Netconnection adfs.url –port 443 > > > > DAMIEN SOLODOW > > Systems Engineer > > 317.447.6033 (office) > > 317.447.6014 (fax) > > HARRISON COLLEGE > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Todd Lemmiksoo > *Sent:* Wednesday, December 10, 2014 9:54 AM > *To:* [email protected] > *Subject:* Re: [NTSysADM] ADFS Proxy configuration issue > > > > Yes, on using the hosts file to point to the ADFS url. But that ip is on > the Netscaler inside interface for load balancing.. > > > > On Wed, Dec 10, 2014 at 8:46 AM, Damien Solodow < > [email protected]> wrote: > > What IP does your ADFS proxy show for the ADFS url? It needs to show the > “internal” IP of the ADFS farm, so you may need to edit your hosts file. > > > > DAMIEN SOLODOW > > Systems Engineer > > 317.447.6033 (office) > > 317.447.6014 (fax) > > HARRISON COLLEGE > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Todd Lemmiksoo > *Sent:* Wednesday, December 10, 2014 9:42 AM > *To:* [email protected] > *Subject:* [NTSysADM] ADFS Proxy configuration issue > > > > I am in the process of setting up ADFS authentication for our migration to > Office 365. I have ADFS working internally. The Proxy setup is not working, > cannot connect to the server error. > > Setup is Internet to Firewall to Netscaler to ADFS Proxy servers in DMZ to > Netscaler to server Lan ADFS servers. All ADFS servers are Server 2012R2. > > When I run the Proxy configuration on the ADFS Proxy server it errors out > with not being able to connect to the internal ADFS server. > > The DMZ is configured to allow port 443 access to/from the ADFS servers. > > Does anyone have a similar configuration that works. > > PS>>>>this is the configuration suggested by our contractors for design. > > > -- > > T. Todd Lemmiksoo > > > > > -- > > T. Todd Lemmiksoo > > > > > -- > > T. Todd Lemmiksoo > -- T. Todd Lemmiksoo
