Forum Discussion

Altostratus

Aug 14, 2017

APM with ADFS + Extended Protection

Hello, I am trying to implement F5 as a load balancer for an ADFS server farm. It works well if SSL connections from clients to ADFS are tunneled thru F5 without decryption. However if I enable SSL b...

big-ip

BIG-IP Access Policy Manager (APM)

security

Jad_Tabbara__J1

Cirrostratus

Aug 15, 2017

Hi,

In our case, we are terminating SSL connections on the BIG-IP and the "ExtendedProtectionTokenCheck" is set to "none". I think It wont work otherwise !

Also we encounter another issue with the ADFS "protection" feature when it was enabled. Browsers other than IE, were unable to make SSO (Chrome) as described by this discussion

https://social.technet.microsoft.com/Forums/en-US/6948e92d-1789-480d-99c1-08ee94a522cd/adfs-3-server-2012-r2-and-chrome?forum=winserverDS

Regards

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM with ADFS + Extended Protection

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Connection Rate Limit with log output

syslog over tcp and define management IP as source

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Related Content

Extending F5 ADSP: Multi-Tailnet Egress

Extend visibility - BIG-IP joins forces with CrowdStrike

Embedding APM Protected Resources into Third-Party Sites

L7 DoS Protection with NGINX App Protect DoS

Runtime API Security: From Visibility to Enforced Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS