Create a Post
Showing results for 
Search instead for 
Did you mean: 

Proxy-Configuration on SAML Authentication to Azure

Hey community,

we have set up SAML-authentication to azure for our remote clients on our Cluster-XL (R81.10). We wanted to enable single-sign-on, so when the windows-credentials are inserted on windows login mask, the endpoint security client starts and connects with the credentials on the azure active-directory before windows-login runns through.

So far it works, till the client wants to connect. In the status bar the connection continues till "Connecting to site" then after some minutes we get the error "Negotiation with site failed".

On our other client we noticed, that the client connects not until windows login is ready and desktop is shown. Than the client opens itself and the SAML-login runs through correctly.

We found a difference in proxy-configuration on both clients. We use a proxy-skript, that lies on a webserver that is only accessible when vpn-tunnel is running. On the Endpoint Connect Client, we use the "No Proxy"-Setting. On both clients "auto-connect" for the site is enabled and SDL is enabled too. 

Is there a "best-practise" for proxy-configuration when using SAML-authentication or can you give us tipps how you use proxy-scripts on SAML-authentication?

Thanks so far and best regards


0 Kudos
1 Reply

What you're attempting to do is currently not supported.
Specifically, SDL and SAML are not supported together.

0 Kudos