Highly available Web Application Proxy

Highly available Web Application Proxy

Q. How do I make Web Application Proxy in Windows Server 2012 R2 highly available?

A. Web Application Proxy (WAP) in Windows Server 2012 R2 provides a reverse proxy service enabling services hosted internally on-premises to be published to the Internet. It does this while also integrating with Active Directory Federation Services (ADFS) to enable pre-authentication, single sign-on and more. If you need to use WAP in a production scenario its important that the WAP service is highly available. This is achieved by deploying multiple WAP instances that use the same certificate and connect to the same ADFS instance to ensure consistent policy. Network load balancing is used to provide a virtual IP that joins the multiple WAP instances into a single highly available service. You can use either Windows NLB or a separate load balancing solution.

A step-by-step guide is available which walks through configuring two WAP servers using Windows NLB at http://blogs.technet.com/b/platformspfe/archive/2015/02/16/part-6-windows-server-2012-r2-ad-fs-federated-web-sso.aspx. As part of the same series it also walks through deploying a highly available ADFS implementation which is important as all parts of the solution need to be highly available to provide a highly available complete solution.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish