RBS_79242
Jan 30, 2014Nimbostratus
HTTP Monitor with Authenticate NTLM failing
Hi,
I am finding that my http monitor is closing the connection after receiving the WWW-Authenticate: Negotiate directive.
Sys::Version
Main Package
Product BIG-IP
Version 11.2.1
Build 807.0
Edition Hotfix HF1
Date Tue Oct 2 10:46:52 PDT 2012
Hotfix List
ID397981 ID395272 ID397435 ID397882
ltm monitor http crm-test.dev.internal_80_http_monitor {
app-service /internal_nonprod/crm-test.dev.internal_80.app/crm-test.wd.govt.nz_80
defaults-from /Common/http
destination *:*
interval 30
partition internal_dev
password secret
recv "200 OK"
send "GET /F5Dynamics/main.aspx HTTP/1.1\\r\\nUser-Agent: F5 Health-Check\\r\\nHost: crm-test.dev.internal\\r\\nAccept: */*"
time-until-up 0
timeout 91
username svc_F5access@dev.internal
}
~ ssldump -AedaH -nni 0.0 host 10.106.0.15
New TCP connection 1: 10.228.128.10(32944) <-> 10.106.0.15(80)
1391050874.5897 (0.0026) C>S
---------------------------------------------------------------
GET /F5Dynamics/main.aspx HTTP/1.1
User-Agent: F5 Health-Check/4.0
Host: crm-test.dev.internal
Accept: */*
Authorization: Basic c3ZjX0Y1YWNjZXNzQGRldi5hZC5pbnRlcm5hbDp1lkRW9OUVZqV3VCUHdwbnhPdHFPM0s=
---------------------------------------------------------------
1391050874.5927 (0.0030) S>C
---------------------------------------------------------------
HTTP/1.1 401 Unauthorized
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/plain
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ReqClientId=6e803adf-3636-451b-9a6f-9550316e6f71; expires=Wed, 30-Jan-2064 03:01:14 GMT; path=/; HttpOnly
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Thu, 30 Jan 2014 03:01:14 GMT
31
HTTP Error 401 - Unauthorized: Access is denied
---------------------------------------------------------------
1391050874.5928 (0.0000) S>C
---------------------------------------------------------------
0
---------------------------------------------------------------
This behavior is very different to that displayed in this post: https://devcentral.f5.com/questions?pid=8446
It seems that the F5 is ignoring the request to Authenticate and does not attempt to try the NTLM protocol after the IIS Server has responded with a auth failure.
Thanks.