The following Steps should help you publish ADFS over ISATMGIAGUAG
First Open ISATMGUAGIAG
Right-Click Firewall Policy -> New-> Web Server Publishing Rule:
- Enter Publishing Rule Name: Federated Services
- Select Next through the next screens unless you are load balancing
- Enter the name of the URL (suggest this to be the same as the external URL and the IP of the server
- For the path /adfs/* select Forward host header
- Enter public name and the same path
- Create a new listener:
- Add Certificate
- Always authenticate No
- Domain for authentication: domain name
- Authentication Method: No Authentication
- Port 443 and 80
- Forward all HTTP to HTTPS
- Network select external IP address
- Click next
- Authentication Method select: No delegation, and client can authenticate directly
- Make sure all users are selected
- Click Finish. Then Edit the rule and change the following:
- Select the Link Translation Tab, Uncheck the Apply Link translation to this rule.
- Right Click The Rule and select HTTP and change
- General Tab, uncheck Verify Normalization and Block high bit characters boxes
- Click OK and Apply changes
Alternatively:
Use the non-web server protocol publishing rule and select HTTPS Server as the protocol.
If the default HTTPS Server protocol still doesn’t work, create a new protocol using port 443 so that the Filter is completely bypassed
Thank you very much for this post. It really helped us in fixing the problem with ADFS behind TMG. wonderful post. thanks again.