Forum Discussion

Nimbostratus

May 15, 2018

NTLM message on F5

Hi, I am configuring NTLM authentication on the F5 following this guide: https://devcentral.f5.com/articles/configuring-apm-client-side-ntlm-authentication I have admin rights to create the...

application delivery

BIG-IP Access Policy Manager (APM)

devops

Secure Web Gateway

Simon_Blakely

Employee

May 15, 2018

K55889450: BIG-IP APM NTLM authentication for RDP client gateway and Microsoft Exchange Proxy are incompatible with the Microsoft workaround for MS17-010 (WannaCry / EternalBlue)

Microsoft has released security bulletin MS17-010 announcing a recommended software security patch to fix multiple vulnerabilities in SMBv1. A procedure to disable SMBv1 is listed as a workaround. When this workaround is implemented, NTLM authentication in BIG-IP APM fails for RDP client gateway deployments, and Microsoft Exchange ActiveSync proxy deployments.

As a result of this issue, you may encounter one or more of the following symptoms:

Users are unable to authenticate when accessing RDP or Exchange services using the BIG-IP APM system. The BIG-IP APM system generates messages to the /var/log/apm file that appear similar to the following example: 01620000:3: <0x55abeb70> nlclnt[129010a0a] init: Error [0xc0000011,NT_STATUS_END_OF_FILE] connecting to DC 10.10.10.10

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)