NTLM Authentication

Question

Hi,I have an iRule to send auth traffic to an IIS server. NTLM. If the traffic is sent without encription no problem, otherwise I get a RST after the first 401. Can any one help me?Here's the iRule I use (no encription between F5 and IIS)when HTTP_REQUEST {NTLM::disableSSL::disable serversideset enc "0"ONECONNECT::detach disableONECONNECT::reuse disableNTLM::enable&nbsp;snatpool SN_Pool_VLAN10if { [HTTP::path] ends_with "/123"} {HTTP::respond 301 Location "https://[HTTP::host]/123/"&nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp;pool /DR/Pool_with_no_encription&nbsp; &nbsp; &nbsp; &nbsp;return&nbsp; &nbsp;}when SERVER_CONNECTED {SSL::profile PCSSL_serverside_encriptionif {$enc equals "1"} {SSL::enable serverside} else {SSL::disable serverside}}

leslie_hubertus · Answer

Hi&nbsp;cjfsoares&nbsp;- while I hope someone from the community can give you a quick answer, I've asked colleagues if they can come take a look at your issue and offer their help. Fingers crossed for speedy resolution!

Forum Discussion

NTLM Authentication

1 Reply

F5 Academy at AppWorld 2026

Kostas Injeyan - October 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

/mgmt/toc - not possible to launch rest api rest browser

XC - geo LB to the origin servers

F5 AWAF/ASM ASM_RESPONSE_VIOLATION event seem to not trigger on 17.1.x

Upgrading F5 units configured as Active-Active without Traffic Groups behind Azure LB

Kerberos Authentication Failing for Exchange 2016 Behind F5 Cloud WAF

Related Content

Configuring APM Client Side NTLM Authentication

NTLM Authenticated Proxy External Monitor

Leveraging BIG-IP APM for seamless client NTLM Authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

iControl REST Authentication Token Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS