Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

SSL Bridging and X fwd for ADFS

We currently have a VIP configured for external ADFS that is doing SSL passthrough. We are trying to utilize the X Forwarded for header with SSL bridging however during our change neither the SSL bridging or the x forwarded for option was sucessfull. When applying either or both config that traffic would fail and the web page would show page unreachable. Does anyone have any expereience with this type of change


F5 Employee
F5 Employee

@Thomson_Thomas  This can be acheived by enabling F5 ADFS proxy function, you might want to check this doc. to enable trust between F5 and ADFS behind it to allow F5 to act as ADFS proxy.

Note, it needs APM to be licensed and provisioned.

Hi @Thomson_Thomas,

in case you want to enable only HTTP(S) loadbalancing and SSL bridging, you should check your serverside SSL profile for ServerName and SNI settings. AD FS servers expects the ServerName to be correct.


Going forward and backward over my notes from the last time I configured this... Having APM licensed and 

registering APM as an AD FS proxy seems to be more reliable than manual setup with LTM only.

Thanks dont have APM licensed or installed in our environment. Was thinking there was a way to get this working with just LTM but im assuming there isnt.

Maybe test the FAST iApp template for ADFS . There is also an older iApp but better to not use it  .


For this you do not need APM but as @Daniel_Wolf  mentioned it is great to do it with APM guided config as then you can use the F5 as a portal not only for ADFS but your internal web apps, Exchange , Azure AD sync between F5 and the Azure AD using SAML, Oauth etc.

Does anyone know where I can get the ServerName and SNI settings from the ADFS server? Is this just the dns name of the application?