PUD behind Azure Application proxy

Is anyone running behind an Azure Application Proxy? I’m running into an issue where I just get a blank gray screen when accessing my dashboard through AAP.

My architecture where it works:

Client --> F5 Load balancer (Source IP affinity) --> IIS --> PUD

Where it breaks:

Client --> Azure Application Proxy --> F5 Load balancer ^^^^^^^ same as above

I’ve stopped one of my Azure application proxy nodes + I’ve stopped one of my IIS servers just so everything is single server to single server to try an simplify it. And it still doesn’t work. MS states Azure needs cookie based affinity in their docs. is this supported in PUD?

Any hints on what to look at?

in IIS i see a POST /dashboardhub with a 401 error

starting to think I’m running into an NTLM double hop or Kerberos issue

So MS got back to me and stated that Web Socket support is still in preview at this point :frowning:

I was thinking about switching to Azure AD auth instead of using IIS + Windows Auth, but for the life of me i can’t find a concise set of instructions that work. The problem is the context of the commands always seem to be missing. For example I would love to see not only the documentation for how to setup Azure AD with the specific commands, but with a very simplistic hello world set of code so you can see how the whole thing comes together. Also something real world, with a certificate, etc.

Anyway, I love PUD, but things keep changing so fast (now I guess PS Universal get’s all the love?) that i struggle to keep up with which way to go. I’m hesitant to switch to PSU because i’m 2 weeks away from launching a company wide PUD and can’t afford to be debugging any more. Part of the launch requirement was to publish through Azure Application Proxy so our users didn’t need a VPN. Since that’s not working, I’m kind of not sure what to do.