ADFS 3.0 Proxy Enabled Endpoint

compdigit44
compdigit44 used Ask the Experts™
on
We have two internal ADFS 3.0 setup in a farm using a SQL DB. We also have two WAP servers in the DMZ. I noticed on our relaying party trust properties there is a tab for proxy enabled which I have been trying to read up on. I just want to be certain that our WAP are working and request are not going directly to the internal ADFS servers.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
MaheshArchitect
Distinguished Expert 2018

Commented:
ADFS server will reject processing claims if they are appeared from WAP (internet) and not enabled on WAP (Proxy)
WAP itself do not have capability to identify and filter claims
If end point is enabled on ADFS level and blocked on WAP level, claim request will be processed for intranet and blocked from internet for  specific end point

Author

Commented:
How can I see if wap is enabled or disabled for an end point. Also should the proxy enabled tab be populated? All of our end point have this tab empty.

Author

Commented:
Does anyone have any addition thoughts on this?

Please...
Architect
Distinguished Expert 2018
Commented:
for any end point if proxy is enabled in ADFS console, it means end point is enabled on WAP

Author

Commented:
and if it is not enabled it goes direct to the backend ADFS servers? I am sorry but I am confused with this.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial