I have an ASP.NET Core application that is integrated with AAD through MSAL and hosted in an on-premises environment. Now I want to expose the application to a few external users and organizations through Application Proxy. I have configured the Application Proxy Connector as well as the Proxy service based on the available documentation. When I go to the external URL, the AAD authentication process completes successfully, and then it shows an Internal server error page with the following details:
InternalServerError:
This corporate app can't be accessed right now.
Please try again later...
Next Steps
Client request encountered an internal server error.
Azure AD Application Proxy
Status code: InternalServerError
Url: https://dummy-azuretest.msappproxy.net/%3fcode%3d0.AVQAzOA-0l_Sgk2epvvv8zPDX3rzNsczKbRMqPQsw5M3NhpUAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs...
TransactionID: f3f3499f-428e-4dfe-8661-7cce822569b5
ConnectorGroupId: a3b18c82-ea47-41ed-81ee-f7a0b1a998cc
Also, there are no error or warning logs in Event Viewer.
If I try to test the application using the "Test Application" feature available on the Enterprise application >> Application Proxy page, I get the same error as above. But the diagnostic report contains a few more details:
External Url Configuration
The external URL is reachable via the internet and correctly configured.
Azure AD Authentication
The current user has not logged in to Azure AD or is not assigned to the application.
The user may not be logged in to the app or is unassigned to the application.
To fix this problem you can:
Verify that you have logged in to the application at least once before opening the report.
Verify that you have assigned the correct users and groups to the application.
But I'm sure that the user I'm trying to log in as is already assigned to this application.
So what could be the issue here? Is there any way I can get more error details?
Any help will be much appreciated.