Replacing f5 with ADFS Web Application Proxy
So the question here is : Is there a way to replace f5 as ADFS web application proxy and leave the ADFS Proxy servers as it is.
The configuration currently comprises of
- 2012 DMZ ADFS Web Apps Proxy - config as pass-through (HA Pair - Load Balanced Performance Layer 4 by f5)
- 2012 ADFS Servers (Internal) (HA Pair - Load Balanced Performance Layer 4 by f5)
Every few weeks the web apps proxy develops some issue and stops communicating and we had to do call in experts. the backend 2012 ADFS servers has better record of getting hung every 3 months. If we bypass the webapps proxy - IE users from outside doesn't see the ADFS landing page with mandatory warning banner, which is required by my customer. This bypass of the landing page is due to IE trying to do Windows Integrated Auth, which prompts for username/password prompt - rather than a adfs url page. However other non IE browsers i.e. Chrome, renders the custom landing page just fine.
Circling back to the main Q - is there a way I can bypass the web apps proxy server and still get the same results.
Thanks,
http://goodworkaround.com/node/53