Hello! According to your description, you might be running into either DNS resolution issues or the traffic being blocked by the instance. Please do an nslookup on a separate EC2 instance for the domain name the ADFS website has. If you cannot resolve it, that would explain the issue you are having. If the Managed AD DNS can resolve it, you might need to set a conditional forwarder to ensure the DNS traffic for the zone is sent to the VPC's Route 53 resolver (which is the VPC network address +2, so for example if your VPC is 10.0.0.0/16 then the DNS is 10.0.0.2).
If you are able to resolve it, then check the security groups, network ACLs and route table. Ensure that TCP 443 is allowed. You can run this PowerShell command to validate connectivity:
Test-NetConnection -ComputerName <domain or IP address of ADFS> -Port 443
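The two checks in the answer above (name resolution against the VPC's +2 resolver, then TCP 443 reachability) combined into one script. This is an added example, not part of the original answer; the VPC CIDR and the ADFS host name are placeholder assumptions you replace with your own values.

```powershell
# Added example: derive the VPC Route 53 Resolver address (network address + 2),
# resolve the ADFS name through the instance's own DNS (Managed AD) and through
# the VPC resolver, then probe TCP 443. Run on a Windows EC2 instance in the VPC.
param(
    [string]$VpcCidr  = '10.0.0.0/16',           # assumption: your VPC CIDR
    [string]$AdfsFqdn = 'adfs.corp.example.com'   # assumption: your ADFS host name
)

function Get-VpcResolverAddress {
    param([Parameter(Mandatory)][string]$Cidr)
    $network, $prefix = $Cidr.Split('/')
    $bytes = [System.Net.IPAddress]::Parse($network).GetAddressBytes()
    [Array]::Reverse($bytes)                      # network order -> host order
    $value = [BitConverter]::ToUInt32($bytes, 0)
    $mask  = [uint32]([math]::Pow(2, 32) - [math]::Pow(2, 32 - [int]$prefix))
    $plus2 = [uint32](($value -band $mask) + 2)   # VPC base address + 2
    $out   = [BitConverter]::GetBytes($plus2)
    [Array]::Reverse($out)                        # back to network order
    return ($out -join '.')
}

function Test-AdfsNameResolution {
    param([string]$Name, [string]$Server, [string]$Label)
    try {
        $params = @{ Name = $Name; Type = 'A'; ErrorAction = 'Stop' }
        if ($Server) { $params.Server = $Server }
        $ips = (Resolve-DnsName @params | Where-Object Type -eq 'A').IPAddress
        Write-Host ("{0}: {1} -> {2}" -f $Label, $Name, ($ips -join ', '))
        return $true
    } catch {
        Write-Warning ("{0} cannot resolve {1}: {2}" -f $Label, $Name, $_.Exception.Message)
        return $false
    }
}

$resolver = Get-VpcResolverAddress -Cidr $VpcCidr
Write-Host "VPC Route 53 Resolver address: $resolver"

# Managed AD (the instance's configured DNS) vs. the VPC resolver directly.
# If only the VPC resolver answers, Managed AD needs a conditional forwarder.
$viaManagedAd = Test-AdfsNameResolution -Name $AdfsFqdn -Label 'Instance DNS (Managed AD)'
$viaVpc       = Test-AdfsNameResolution -Name $AdfsFqdn -Server $resolver -Label "VPC resolver $resolver"
if (-not ($viaManagedAd -or $viaVpc)) { return }

# Reachability: a failure here points at security groups, network ACLs or routing.
$probe = Test-NetConnection -ComputerName $AdfsFqdn -Port 443 -WarningAction SilentlyContinue
if ($probe.TcpTestSucceeded) {
    Write-Host "TCP 443 to $AdfsFqdn succeeded (remote $($probe.RemoteAddress))"
} else {
    Write-Warning "TCP 443 to $AdfsFqdn failed: check security groups, network ACLs and route tables"
}
```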
Hello Francisco, thank you for your assistance on this question. You guided us in the right direction, and we ended up resolving the issue using the Route 53 Resolver Endpoints. We followed this article: https://aws.amazon.com/blogs/networking-and-content-delivery/integrating-your-directory-services-dns-resolution-with-amazon-route-53-resolvers/