To configure FortiWeb as an ADFS proxy, you need to:
- Create a virtual server specifying the IP address and network interface.
- Import a certificate file to set up secure connections with the ADFS servers.
- Create a server pool that contains the ADFS server. It's supported to add single server in an ADFS server pool.
- Import a CA file to verify the certificate authentication requests from Internet users (for certificate authentication requests).
- Create an ADFS server policy that references the virtual server, server pool, certificate validation rule, the service ports for certificate authentication requests and credential authentication requests, etc.
When deployed as an ADFS proxy, FortiWeb supports only the Reverse Proxy operation mode.
For details on the ADFS proxy configurations, please see the subsections under this topic.
Until you configure and enable at least one policy, FortiWeb will by default deny all traffic.