For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

pboog's avatar
pboog
Icon for Nimbostratus rankNimbostratus
Aug 14, 2018

F5 seems to break NTLM Auth when using Powershell but ok with browser

Hi,   I have a VS with just a server behind hosting a webservice.   When I use Powershell to call the webservice, it works with the direct call to the server but not when F5 is in front.   W...
application delivery
LTM
pboog's avatar
pboog
Icon for Nimbostratus rankNimbostratus
Aug 15, 2018

I've done some capture and I can see that Powershell via direct call use Kerberos authentification

 

A browser use NTLM authentification always (direct call or via F5)

 

So why Kerberos isn't working with F5 in front and powershell ?

 

The first response from the backend server is always like this (with F5 or not) : HTTP/1.1 401 Unauthorized Content-Length: 0 Server: Microsoft-HTTPAPI/2.0 WWW-Authenticate: Kerberos WWW-Authenticate: NTLM WWW-Authenticate: Basic

 

When direct call, powershell send a Kerberos token in the next request and it works When F5 is in front, Powershell doesn't send a next request

 

A browser send a NTLM token in the next request, with F5 or direct call