Authentication NTLM client and server side

Question

Is it possible to configure the APM module for NTLM client-side authentication with HTTP 401 Response and consume on server-side NTLM authentication?&nbsp;
We have a demand to configure client and server side with NTLM Authentication without HTTP Form, is there any configuration available in F5?&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
during NTLM authentication, server doesn't receive user password. so if you enable NTLM authentication on client side, F5 doesn't know user password to use it for server side authentication. it is not a F5 APM limitation but a NTLM proxy limitation. Microsoft TMG had the same limitation.&nbsp;
when working with NTLM client side authentication, a password-less authentication must be used on server side. the one used in such deployment is Kerberos Contrained delegation (Kerberos SSO)&nbsp;

Forum Discussion

Authentication NTLM client and server side

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Sending traffic to virtual server based on client IP

Regarding client and server side offloading

F5 Adaptive Authentication (MFA) option

Is it possible to create an client-ssl profile with client authentication using tmsh?

Applying a HTTP Profile (Client) when creating a virtual server in TMOS?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS