Azure AD Application Proxy provides users a secure remote access to on-premise web applications. It lets you publish applications inside your network without the need of opening firewall ports. You can add security to it by requiring Azure AD authentication just as when a user tries to access any other resource in Azure.
This guide covers the installation of Azure AD Application Proxy.
Azure AD Application Proxy
Go to Azure Active Directory -> Enterprise applications -> Application proxy.
If you get the message that “Application Proxy is currently disabled for your tenant. Click here to enable Application Proxy“, and nothing happens when you click it, don’t worry. Azure AD Application Proxy will enable automatically when we install the connector.
Click Download connector service to download the file for the application proxy connector..
Note that Internet Explorer Enhanced Security will block the Application Proxy connector from signing in to Azure if it’s enabled. Make sure that is disabled that first before you run the installation.
Install Microsoft Azure AD Application Proxy Connector
Run the Microsoft Azure Active Directory Application Proxy Connector as administrator.
You need either the global administrator or the application administrator role for Application Proxy to register itself with Azure AD. But don’t worry, those credentials are only used to register the connector with Azure AD and not used as a service account.
The installation of Microsoft Azure Active Directory Application Proxy Connector completes successfully.
The unclickable message about enabling application proxy is gone. It is enabled automatically by the the first connector installed in your tenant.
That is it. Azure AD Application proxy is now installed. You need at least two connectors to provide failover / load balancing, and Microsoft recommends three connectors.
Troubleshoot Azure AD Application Proxy
If the connector fails to register or you need to troubleshoot Azure AD Application Proxy, the event log is located under “Applications and Services Logs\Microsoft\AadApplicationProxy“.