Configuring the Azure Active Directory Application Proxy to Secure Access to On-Premise Web Applications

Giving external access to on-premise applications has typically required opening various "holes" in an organization's firewall. This practice has always made me shiver - even when using the web application proxy server roles included with Windows Server OSs. Now, I am absolutely in love with the Azure Active Directory's (Azure AD) Application Proxy which is super-easy to configure, secure and, certainly for web apps, avoids ever having to punch holes in firewalls again. In this article I describe how I configured an on-premise web application for external access using the Azure AD Application Proxy utility, in combination with various DNS zone rules both external and internal.

Technical Background

First off, I would strongly encourage you to read up on Microsoft's introduction to the Application Proxy, along with how the Connectors work. With that, though, I will provide some snippets from those articles which rapidly communicate the power of the Azure A