Forum Discussion
Solved
AAD application proxy : access from external issue
Hello, I have published an application with SAML SSO. from internal, it works fine. When I connect to https://myapp, all is ok. I have set up an external Url : https://myapp.my_custom_external...
Ok it works now
I ve got a fortigate, with webfilter or other security profile, it does not work, i had to open Internet services.Like this :
thanks for help.
Hi,
Yes, in internal, when I ping "myapp" host, it resolve an internal address.
Yes, server hosting agent can communicate with server hosting application.
Proxy agent server can communicate with entra. this server is the same as AAD synchronisation service server.
Yes, in internal, when I ping "myapp" host, it resolve an internal address.
Yes, server hosting agent can communicate with server hosting application.
Proxy agent server can communicate with entra. this server is the same as AAD synchronisation service server.
I have installed wireshark on proxy agent server, and when I log in with SAML, there is no communication between app server and proxy agent.
I don't know what i miss. 😕
I don't know what i miss. 😕
Yeah, that makes sense as it's using internal DNS to resolve the app and just using SAML.
What happens if you remove the custom domain for the app proxy address and use one of Microsofts app proxy addresses. In the Entra portal, is the agent showing as online?I cannot change custom domain to msappproxy.net domain, i have to create another application.
I will test.Yes proxy agent is online.
- I have tested with an msappproxy.net domain.
I get error AADSTS50011 and if i update application registration, i get a timeout.
So, it's the same.
