ADFS Proxy Replacement on F5 BIG-IP

BIG-IP Access Policy Manager can now replace the need for Web Application Proxy servers providing security for your modern AD FS deployment with MS-ADFSPIP support released in BIG-IP v13.1. This arti...

Published Mar 13, 2018

Version 1.0

application delivery

BIG-IP Access Policy Manager (APM)

Graham_Alderso1

Icon for Employee rank

Employee

Joined May 22, 2019

Graham_Alderso1

Icon for Employee rank

Employee

Joined May 22, 2019

Icon for Nimbostratus rank

Nimbostratus

Feb 01, 2019

Hi Graham, we also are having Marvin's issue both with RC8 via Official Deployment instructions and Manual implementation via this article (https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-third-party-integration-13-1-0/12.html). We are on 13.1.1. We validated communication is occurring between the VIP and ADFS server, but still fails to establish trust. Validated no drops on firewall. We also went through Microsoft's Analyzer tool to validate our ADFS configuration. All pass. https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/troubleshooting/ad-fs-diagnostics-analyzer

Are there any other troubleshooting steps you can provide? Are there any non-OOB configuration steps taken on the ADFS server itself?