In addition you should navigate to the IP restrictions page in the Kerberos menu and set the correct way of seeing the correct IP:
SAML: Redirection to identity provider fails with 404
If IIS is being used as a reverse proxy and you're getting 404 when trying to log in with SAML, IIS could be rewriting the identity provider redirect URL to point back to the Atlassian application. An example using ADFS, the browser is redirected to https://jira.example.com/adfs/ls/?SAMLRequest=rVLBcpswFPwV..... instead of https://adfs.example.com/adfs/ls/?SAMLRequest=rVLBcpswFPwV..... .
If this is happening, check any Rewrite rules for IIS and ARR. Then ensure "Reverse rewrite host in response headers" is disabled: Select the IIS server, open the Application Request Routing Cache pane, then select Proxy Settings from the right menu.