For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ghost-rider_124's avatar
ghost-rider_124
Icon for Nimbostratus rankNimbostratus
May 13, 2013

http monitor with authentication

Hi Expert   There is one http applicaiton (sharepoint), I created the http montior and put the username/password but it is not working. Through tcpdump, I got that it is saying unathorized. Can an...
config
design
Joe_M's avatar
Joe_M
Icon for Nimbostratus rankNimbostratus
Aug 30, 2013

In version 11.3, the HTTP monitor supports NTLM authentication. For the username, the domain must be capitalized. DOMAIN/user Something that I find odd, is that, according to F5 documentation, it doesn't matter if you use a back slash or a forward slash. I would recommend a forward slash "/" since the back slash is an escape character. You also can't use "connection close" like in most monitors. I have also found that you need a user agent sting for it to work. So it looks something like this:

 

GET /owa/ HTTP/1.1\r\nHost: [hostname or IP]\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)\r\nConnection: keep-alive

 

I have gotten this to work without "connection keep alive" and I don't think it matters what the user agent string is, just as long as it is there.

 

http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13821.html http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-1-0.html

 

If you are not on v11, this should help you out. https://devcentral.f5.com/wiki/advdesignconfig.SuperHTTPMonitor.ashx