Is Microsoft Entra Application Proxy Connector software the same software like Microsoft Entra Private Access App Proxy?

Question

In other words: Can I install Entra Application Proxy on one VM and use it firstly for Microsoft Entra Global Secure Private Access to be able to access a private app via Global Secure Access client, and secondly with Microsoft Entra Application Proxy to externally publish an on-premises app?

Should that work? Are there any considerations?
I'm thinking about an scenario where one app needs to be accessed privately and another needs to be exposed to the Internet. If I can use just one VM with this connector software installed that would be nice.

This tutorial to access on prem app from external: https://learn.microsoft.com/en-us/entra/identity/app-proxy/application-proxy-add-on-premises-application
and this one to access privately: https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-connectors

Answer 1

@Nathanael Santschi

Thank you for posting your query on Microsoft Q&A, from above description I could understand that you are planning to host your on-prem webapp and private access app on one web server and have one app proxy connector configured on it.

Please do correct me if my understanding above is not correct.

Answer to this would be yes, as you can setup multiple on-prem applications access with one app proxy connector group. This would allow both On-prem application to be accessed via app proxy as well as would allow "private application" to be protected by global secure access and CA policy.

Note:

This is a suggestion for pre-prod/dev environment since Global secure access is in public preview and the any design change or updates might end up impacting other non-GSA applications.

---

Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

Thanks,

Akshay Kaushik