Is it safe to place the ADFS server in the local network for claims-based application authentication?

Kane 76 Reputation points
2020-07-29T22:35:18.813+00:00

Hi,

I just created my first AD FS on Windows Server 2012 R2 on the LAN, which is used to authenticate the claims-based application in the cloud that is provided by my SaaS service provider.

I can authenticate with their application properly, but they told me that they do not support ADFS Proxy. In this case, what is the best practice to secure my ADFS server? Currently, I have to do NATting on the firewall to allow inbound traffic to ADFS.


1 answer

  1. Pierre Audonnet - MSFT 10,171 Reputation points Microsoft Employee
    2020-07-30T12:47:21.167+00:00

    This claim makes no sense. What do they mean by they don't support ADFS Proxy (which is called Web Application Proxy [aka WAP] in Windows Server 2012 R2, by the way)? The SaaS is agnostic of the IDP infrastructure. Federation protocols in this scenario are entirely driven by the user. The application doesn't know if there is a proxy in the mix.
    Besides, WAPs are not used when a user is connected from the LAN.

    We'll need to know a bit more about the infrastructure here to help you. So far, this doesn't make a lot of sense :(
