BIGIP ASM blocking Web App Kerberos NTLM login prompt

Question

After building an ASM policy and going through the learning mode process, a Windows web application is having the login prompt blocked after changing the policy over to blocking mode.  This behavior isn't producing a blocking page with a support ID.&nbsp;
Here is an example of the login prompt box:&nbsp;
&nbsp;
If the policy is switched back to transparent mode, the login process is unaffected.&nbsp;
Thanks&nbsp;

dwhite12_255934 · Answer

I guess that my main question for this would be, is there an area within the ASM policy that can be modified to allow the authentication prompt box to still pop-up and not be blocked?&nbsp;

samstep · Answer

Is your ASM policy blocking 401 response code? It should not by default:
See 
https://support.f5.com/csp/article/K7922&nbsp;
If affected URL is a Login URL - have you configured it? See: &nbsp;
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-5-0/8.html&nbsp;

Forum Discussion

BIGIP ASM blocking Web App Kerberos NTLM login prompt

Recent Discussions

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Use of SSL Decryption.

Big IP DNS Failover

Diameter iRules attachment?

Related Content

AI Security : Prompt Injection and Insecure Output Handling.

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

Block IP after a number of ASM Blocks

Kerberos is Easy - Part 2

Block traffic

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS