Citrix Cloud - On Premise Gateway as authentication
Hi,
One of my customers uses a Citrix Gateway as Identity Provider for Citrix Cloud (Workspace). Everything has worked great for years.
They want to make an internal network change to route Microsoft traffic to a dedicated ISP (Gallery Link; old ExpressRoute). When they make this change, we get an error after Gateway authentication.
My analysis seems to show an asymmetric route when the user is redirected to the Workspace and the Workspace tries to validate the authentication with the callback.
I tried to find a detailed diagram of the authentication flow. I found this one, but for me it's not correct.
Step 7 seems to be different. For me, in step 7 the NS Gateway sends a redirect to the Workspace for the client, and the Workspace tries to validate the authentication with the callback. Could you confirm this?
When the problem occurs I get a timeout on the client with the URL https://accounts.cloud.com/core/login-cip (as in https://support.citrix.com/article/CTX272371/oauth-fails-adc-saml-idp-onprem-saml-sp-gateway-as-service-workspace-in-citrix-cloud, but the error is a little bit different).
The network trace on the NS shows a lot of retransmissions from the AAA vServer to 20.61.77.72 (an IP hosted by Microsoft). Citrix cannot tell me if they own this IP, but I think this is the callback flow.
Thanks for any help.