What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Azure Application Proxy _and_ AzureAD authentication

Votes:

1

Hi

We expose PRTG for remote access through an Azure Application Proxy. For the purposes of the discussion, assume the following:

Basically, Azure App Proxy receives a request from a client on https://prtg-company.msappproxy.net, then requests the page internally through an agent on https://prtg.company.com, and delivers it to the client.

Once I've configured everything, when I open the PRTG login page I get this error:

The URL you are using to connect to PRTG is not enabled for single sign-on. Please contact your PRTG administrator.

It makes sense to show this error, since I've requested the page using https://prtg-company.msappproxy.net, but the agent has requested it from the server using https://prtg.company.com. Changing the DNS name to https://prtg-company.msappproxy.net also doesn't work, since now the agent's request doesn't match what is configured in SSO.

Can this test be removed, or at least allow the specification of a number of "valid" URLs for which the SSO is configured?

azure prtg sso

Created on Mar 3, 2022 1:12:10 PM



3 Replies

Votes:

0

Hello,

Did you follow this guide to configure Azure SSO? https://kb.paessler.com/en/topic/88527

The external address would need to read https://prtg-company.msappproxy.net/ in this case. Also please double check that a group claim is configured in the Azure's AppRegistration and that the "address translation" in the Azure App Proxy is enabled.

Created on Mar 8, 2022 12:51:28 PM by Timo Dambach [Paessler Support]



Votes:

0

Hi

I followed the relevant sections from https://kb.paessler.com/en/topic/88527, yes. It does not specifically state the inclusion of the Azure App Proxy component though.

I'm not aware of, and have not been able to find, the "address translation" setting in the Azure App Proxy... where do you do this?

Created on Mar 9, 2022 3:51:29 PM



Votes:

0

I'm referring to the setting called "Translate URLs In". Also have a look here. Please make sure it's enabled and the internal/external URLs are configured correctly.

Created on Mar 10, 2022 8:58:35 AM by Timo Dambach [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.