Hi, sorry to bug you, but I had posted this question over the past weekend and have not received any replies. Using NTLM configured as below and client sending domain WINGATE the log shows no Target Info block in the server challenge, which causes the client to abort the NTLM v2 handshake:
********** NTLM Start Server Challenge ************
NTLM Challenge (72 bytes) Hex: 4e 54 4c 4d 53 <SNIP>
[ 24] ChallengeData: 45 76 de 6d d4 8e a3 44
[ 40] Target Info: len: 0, offset: 0, value:
[ 48] Version: major 10, minor 0, build 18363, NTLM Revision 15
********** NTLM End Server Challenge ************
I've attached the NTLM handshake log.
Thanks for your help.
Previous post:
I’m running Wingate 9.4.1 (free license) on Windows 2012 R2 in an Active Directory domain. WWW Proxy auth is configured for NTLM Version 2 only (no second chance auth) using Wingate user database. The access rule re-authenticates all except authenticated users. For purposes of NTLM V2 handshake is the configured user associated with any Domain, e.g., Wingate or WINGATE?