Forum Discussion

Nimbostratus

Dec 11, 2017

Authentication NTLM client and server side

Is it possible to configure the APM module for NTLM client-side authentication with HTTP 401 Response and consume on server-side NTLM authentication? We have a demand to configure client and ser...

application delivery

BIG-IP Access Policy Manager (APM)

Stanislas_Piro2

Cumulonimbus

Dec 11, 2017

Hi,

during NTLM authentication, server doesn't receive user password. so if you enable NTLM authentication on client side, F5 doesn't know user password to use it for server side authentication. it is not a F5 APM limitation but a NTLM proxy limitation. Microsoft TMG had the same limitation.

when working with NTLM client side authentication, a password-less authentication must be used on server side. the one used in such deployment is Kerberos Contrained delegation (Kerberos SSO)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Authentication NTLM client and server side

Recent Discussions

ports are showing open on online scanning tool

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

Related Content

Selective mutual authentication by HTTP::Host

Client cert authentication and TLS1.3

HTTPS communication and client and server ssl profile

Authentication via Azure AD blocked by Access policy

Authenticate clients with server certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS