ADFS config on F5

Hello,

You don't have to be connected to the network where you need loadbalancing.

You should be able to configure a pool of servers on another network.

You may encounter a routing issue. Although, your VS has snat automap configured, your web proxy may not have a route back to the load balancer selfip, thus the default route may be used and packets goes in the wrong direction.

I recommend you to make sure that you have no routing issue on your network.

both the servers are configrued with global ips 84...** and VIP is also in the same subnet 84...**

I tried chaging the default gateway to F5 but it did not work , If i get an Ip in the same subnet 84.xxx can i use in a pool and use SNAT

You can use snat automap on your VS if both F5 and pools are on the same subnet.

will it create any issues

Is it poosible to add a global ip in automap config

You can use a snat pool with an IP address within that is located in this subnet

thanks i used automap it works now howver now the websever is not showing any websites i can see connection requests going to and from the server

There is probably an authentication issue that can occurs if you are using kerberos or ntlm.

or this may be due to SSL (Supported ciphers, etc.)

or a persistence issue (did you configured a cookie persistence ?)

Do you have errors logs in your adfs servers. Do you see TCP handshake, SSL handshake and HTTP request and response ?

you can try accessing your webservers using

curl -k https://webserver_ip_addr -I

Hi Yann

this is response i get from teh websevers

curl -k https://84.xx.xx.xx -I HTTP/1.1 404 Not Found Content-Length: 315 Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 26 Aug 2014 07:46:02 GMT Connection: close