F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Configuring APM Client Side NTLM Authentication

Introduction There have been a ton of requests on the boards for a simplified client side NTLM configuration, so based on Michael Koyfman’s excellent Leveraging BIG-IP APM for seamless client NTLM...

Published May 12, 2015

Version 1.0

authentication

BIG-IP Access Policy Manager (APM)

ntlm

security

Kevin_Stewart

Employee

Joined March 16, 2006

View Profile

Algebraic_Mirror

Cirrostratus

Jul 28, 2015

This is excellent, thanks for writing it! I've been trying to find the simplest method, and this answers that question! I like how Michael's setup allows for things like re-prompting an end user if they get their password wrong the first time, but in most use cases where the end target is something like Microsoft Word trying to access SharePoint, where the computer already has valid credentials, I really prefer this simpler method. I also like that your method doesn't require setting port translation on the virtual server to "preserve-strict", because that can result in a broken connection for someone if two clients try to use the same source port. Thanks again for writing this, it is much appreciated!

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Configuring APM Client Side NTLM Authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS