Forum Discussion

Cirrostratus

Jan 12, 2018

APM - proxy NTLMv1 client side auth to NTLMv2 server side

Hi, I've been asked if the F5 can proxy a request between a client that supports NTLMv1 and a server that currently supports NTLMv2. My understanding of the NTLMv2 SSO Configuration is that...

application delivery

BIG-IP Access Policy Manager (APM)

Stanislas_Piro2

Cumulonimbus

Jan 12, 2018

This is not possible with any product to proxy ntlm auth.

When client authenticate with ntlm on any server, it doesn’t receive the password -—> it can’t authenticate with password on server side.

The server side authentication must be password less like Kerberos sso.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM - proxy NTLMv1 client side auth to NTLMv2 server side

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

error code 503 redirect irule

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

OWA File Upload URIs for WAF Bypass

F5 AWAF/ASM learning only from Trusted traffic?

F5OS VLAN naming length restrictions

Related Content

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

Using Client Subnet in DNS Requests

SSL Profiles Part 8: Client Authentication

iRule based RADIUS Client Stack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS