MFA的外部用户问题 [英] External Users issue with MFA

问题描述

亲爱的

我有两个环境(主目录和DR)，分别具有ADFS，MFA，WAP(仅在主站点上)和A10 LB(仅在DR上).

I have two environment (main and DR) with ADFS, MFA, WAP (On main site only) and A10 LB(on DR only).

当用户通过WAP(主站点)访问环境时，他们将面临MFA挑战.

When the users access the environment through WAP (Main site) they face MFA challenge.

但是，如果我们切换到灾难恢复站点，则用户可以通过身份验证而不会遇到MFA挑战.

But if we switch to DR site, the users pass the authentication without MFA challenge.

我了解ADFS认为对WAP的任何点击都是来自外部用户，而来自A10 LB的任何点击都是内部用户，因此从不需要MFA挑战.

I understand that ADFS consider any hits to WAP will be from external users , and any hits from A10 LB as an internal users and never require MFA challenge.

我的问题是，如何使ADFS考虑通过A10进行的身份验证是外部用户?

My question is, How to make ADFS consider the authentication through A10 is an external users?

预先感谢

推荐答案

你好大s，

通常，ADFS支持遵循 MS-ADFSPIP 协议，并在 这里.如果您使用的A10代理满足上述协议要求，那么ADFS肯定会将来自该代理的请求视为外部请求.

In general ADFS supports any proxy which follows the MS-ADFSPIP protocol and is discussed here. If the A10 proxy you are using meets the above protocol requirements then ADFS will definitely treat the requests coming from that as external requests.

这篇关于MFA的外部用户问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！