Diagram
Below are the perquisites that need to be ready to deploy the Azure Application Proxy connector:
Servers Specifications and Internet Access
# of Server | Core | RAM | HDD | OS/Domain | Internet Access |
2 | 4 | 8 | 200 | · Windows 2016 updated up to date & Joined to Domain with one NIC connect to LAN.
· Domain Admin user required for the installation. · Azure Global Admin required for the installation. |
· Required. with No Authentication
· Recommendation is to allow the connector anonymous access to the Internet destinations. |
- Server 2012 R2/2016 up to date
- Domain Joined for SSO
- Internet Explorer Enhanced Security is off.
- Internet Explorer Enhanced Security is off
- Server needs an HTTP/HTTPS connection to the applications that you are publishing.
- Need internet Access
- SSL inspection is disabled
- Azure Connector will be downloaded to the server from Azure Portal
- For internet Proxy
- bypass on-premises outbound proxies.
- use an outbound proxy to access Azure AD Application Proxy.
- Connector Group: (publish applications on separate networks and locations.)
- Default
- additional settings.
- Backend Application Timeout (Default)
- If Long: application is slow to authenticate and connect.
- Translate URLs in Headers (Default Yes)
- If NO: app required the original host header in the authentication request.
- Translate URLs in Application Body (Default: No)
- Yes: hardcoded HTML links to other on-premises applications, and don’t use custom domains.
- Backend Application Timeout (Default)
Design Summary:
- One Azure application proxy connector server will be deployed in Main Site
- One Azure Application proxy connector will be deployed in DR site with one connector group
Add a Comment