Quantcast
Channel: HAProxy community - Latest topics
Viewing all articles
Browse latest Browse all 4741

Pass src ip with HAProxy and MS ADFS

$
0
0

@BlackAdderDK wrote:

Hi

For the time being we are running MS ADFS with the configuration shown below - and that works like a charm… unfortunately there’s now need for the src ip to be shown to the ADFS servers - preferly as “X-MS-Forwarded-Client-IP”

I guess that would be possible if running in http-mode, but has anyone done this with ADFS?

global
log /dev/log local0
log /dev/log local1 notice
maxconn 6000
tune.ssl.default-dh-param 2048
daemon
chroot /var/lib/haproxy
uid 0
gid 0
ssl-default-server-options force-tlsv12 no-tls-tickets
ssl-default-server-ciphers ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options force-tlsv12 no-tls-tickets
ssl-default-bind-ciphers ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS

defaults
log global
option tcplog
option dontlognull
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms

frontend ADFSFrontend
bind 10.0.1.100:443 interface eth0
mode tcp
default_backend ADFSBackend

backend ADFSBackend
mode tcp
balance roundrobin
server adfs01 10.0.1.101:443 check
server adfs02 10.0.1.102:443 check

backend Stats
listen stats
bind :9000
mode http
stats enable
stats hide-version
stats refresh 10s
stats show-desc ADFS
stats show-legends
stats realm HAProxyADFS\ Statistics
stats auth stats:stats
stats uri /Stats

Best regards
'Adder

Posts: 1

Participants: 1

Read full topic


Viewing all articles
Browse latest Browse all 4741

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>