Forum Discussion

Nimbostratus

Dec 11, 2017

Authentication NTLM client and server side

Is it possible to configure the APM module for NTLM client-side authentication with HTTP 401 Response and consume on server-side NTLM authentication? We have a demand to configure client and ser...

application delivery

BIG-IP Access Policy Manager (APM)

Stanislas_Piro2

Cumulonimbus

Dec 11, 2017

Hi,

during NTLM authentication, server doesn't receive user password. so if you enable NTLM authentication on client side, F5 doesn't know user password to use it for server side authentication. it is not a F5 APM limitation but a NTLM proxy limitation. Microsoft TMG had the same limitation.

when working with NTLM client side authentication, a password-less authentication must be used on server side. the one used in such deployment is Kerberos Contrained delegation (Kerberos SSO)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Authentication NTLM client and server side

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Selective mutual authentication by HTTP::Host

Different port from client to F5 as from F5 to server

Client cert authentication and TLS1.3

HTTPS communication and client and server ssl profile

Authentication via Azure AD blocked by Access policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS