Not all remote client traffic being displayed

1 posts, 0 answers
  1. Rainier
    Rainier avatar
    1 posts
    Member since:
    Feb 2015

    Posted 26 Sep 2017 Link to this post

    Hi folks,

    I've got an interesting issue I'm struggling to progress.

    My setup is made up of 2 windows 2012R2 VMs:

    VM#1 -- One acting as a proxy for remote clients, listening on port 8000

    VM#2 - The other is the client with browser configured to use the proxy VM to get to the WWW. This VM also has an Azure AD Proxy connector agent that basically allows external users to get to internal apps via Azure > Connector > Back end apps. There's not a great deal to it and is basically provides reverse proxy access to internal application over a cloud proxy as a service. 

    Clients connections hit Azure, which then routes the client request down to the on-prem connector(VM#2), and onto whatever internal application is being addressed by means of internal DNS resolution. This works fine, however, if the client request is for a site that resolves to a public address(E.g. bbc.co.uk) then the response is received no probs, but I see no traffic listed for the site. If I do this from a browser on VM#2 then no probs and I see the site listed int eh activity window.

    To be clear, the connection to the published site works as expected, but just doesn't show in the window. The same test to the same site does display in the window however. And I know it's definitely going via Fiddler as if I stop Fiddler then the browser just times out after attempting to reach the page. 

    My gut feel is that the TCP connection may be being reused between the client traffic heading to bbc, and the traffic of the connector agent talking to Azure, but I'm unable to prove this.

    Would anyone know if there's a way to debug Fiddler to isolate behavior?

    An Azure App Proxy diagram that illustrates the flow can be found here - https://docs.microsoft.com/en-us/azure/active-directory/active-directory-application-proxy-get-started

     

    Thanks

     

     

     

Back to Top