Forum Discussion

Nimbostratus

Dec 11, 2017

Authentication NTLM client and server side

Is it possible to configure the APM module for NTLM client-side authentication with HTTP 401 Response and consume on server-side NTLM authentication? We have a demand to configure client and ser...

application delivery

BIG-IP Access Policy Manager (APM)

Stanislas_Piro2

Cumulonimbus

Dec 11, 2017

Hi,

during NTLM authentication, server doesn't receive user password. so if you enable NTLM authentication on client side, F5 doesn't know user password to use it for server side authentication. it is not a F5 APM limitation but a NTLM proxy limitation. Microsoft TMG had the same limitation.

when working with NTLM client side authentication, a password-less authentication must be used on server side. the one used in such deployment is Kerberos Contrained delegation (Kerberos SSO)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Authentication NTLM client and server side

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

SSL Profiles Part 8: Client Authentication

Configuring APM Client Side NTLM Authentication

RADIUS server authenticating user with Google Authenticator

BIG-IQ Client Certificate (PKI) Authentication

Simple HTTP Authentication server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS