Configuring APM Client Side NTLM Authentication
Introduction
There have been a ton of requests on the boards for a simplified client side NTLM configuration, so based on Michael Koyfman’s excellent Leveraging BIG-IP APM for seamless client NTLM...
Published May 12, 2015
Version 1.0
Kevin_Stewart
Employee
EmployeeKevin_StewartEmployee
Employee
a_basharat
Nimbostratus
NimbostratusHi Kevin, I followed the procedure described above, and at the end when trying to open an HTTPS website, the Web Browser doesn't go beyond the logon page [captive portal], and the Website saying 'page can't be displayed', with the URL redirected to:
https://f5proxylogon.mydomain.com/F5Networks-SSO-Req?SSO_ORIG_URI=aHR0cDovL3d3dy5nb29nbGUuY28udWsv
The APM logs are being flooded by the following two messages:
Apr 24 15:29:49 Proxy-F5 err eca[5939]: 0162000e:3: Invalid metadata (select_ntlm:)
Apr 24 15:29:49 Proxy-F5 err eca[5939]: 0162000e:3: Invalid argument ()
The messages didn't stopped until I deleted the NTLM access profile completely from the APM [and the iRule as well]
Any idea why?