Scenario:
I want to use SAML for authenticating users to login to Web TimeSheet. However the users are not always working from office and at times will work from client site or home. I still want them to use SAML as a means of authentication.

Set up:
Setting Replicon SAML Identity Provider on a Public IP is possible. The setup remains the same and apart from the usual set up there are a few additional steps to be followed to setup SAML on Public IP.

  1. SAML needs to be setup on a Server which is preferably a Domain Controller or otherwise has a two-way trust relationship with the Domain Controller.
  2. Once SAML is setup and accessible from the internal network, procure a public IP Address for SAML URL. This can be an existing IP Address as well but, we will have to use an unused port number.
  3. On your company's edge network you must be hosting a Firewall or Proxy Server. On that Firewall or Proxy create a One-To-One NAT. The NAT statement should translate the Public IP from the above step to the Private IP of the Server hosting SAML (Server mentioned in Step 1).
  4. If you are planning to use a website name to use this URL then on your external DNS Server create the above translation from website name to Private IP of the Server hosting SAML.
     

Related Items:

What is SAML and how to set it up?