We are in a deployment of ADFS Load Balancing. So we will replace wap using bigip.
We've configured it using iApps ADFS, however when we try to enter username and password to establish trust there is an error say's can't connect to ADFS.
Not sure if this has something to do with FW or ADFS config but when we try to look the pcap 3WHS is complete but after bigip sends Client Hello ADFS server sent rst packet.
Would you guys know what is the issue on this or have you encounter this before?
We will continue our tshooting tomorrow and will try to allow all traffic from f5 to adfs, and configure 1pool member(adfs server) only as part of isolation.
I ran into the same issue and the problem is that the SSL Client Hello sent by the BIG-IP must include Server Name Indication as an extension. To do this, create a server SSL profile and populate 'Server Name' option.
did you solve this problem, if yes, please share with me, I have a same issue.
You need to check carefully the SNI and the server name of the AD Server.
I have already checked ADFS Server, but I do not know, what should be the SNI? Should there be FQDN of ADFS ?
Hi on the wizard configuration of adfs, there is a part where you will input the ad fqdn that the bigip will establish adfs trust. That is the item that you need to check carefully.