cancel
Showing results for 
Search instead for 
Did you mean: 
r.varela
Level 7

Gateway not authenticating - Explicit, NTML

Jump to solution

hi

I'm having troubles with Gateway Authentication. I've followed the guides for configuring Authentication rules, but I cannot make them work.

Auth log:

[2016-06-07 15:24:13.940 -03:00] [2410] NTLM (796, 10.11.5.111) Configuration: Auth_xxx Connection: 0x7f9c8153e4e0 RR: 0x7f9c7e43c9d0

[2016-06-07 15:24:13.940 -03:00] [2410] NTLM (796, 10.11.5.111) Authentication didn't return values, failure ID: 4, authentication failed: 0

[2016-06-07 15:24:13.940 -03:00] [2410] NTLM (796, 10.11.5.111) Added authentication method: Basic realm="xxxxx.com"

[2016-06-07 15:24:13.940 -03:00] [2410] NTLM (796, 10.11.5.111) Added authentication method: NTLM

I've checked that the Gateway can ping to xxxxx.com, the domain. Also, it's correctly attached:

Also, testing the connection works :

The issue is this:

Any ideas ?

thanks

Ricardo

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: Gateway not authenticating - Explicit, NTML

Jump to solution

Yes. You have changed the "Authenticate" action to a "Block" action in the "Authenticate With User Database" rule. This means when the browser comes with no credentials at all for the first time MWG will not send an HTTP/407 status code to trigger authentication at the browser, but will throw a block action right away. The browser will never have a chance to authenticate.

Please try using the default rule set that ships with the product. If the setup to the Active Directory works fine (which seems to be the case) authentication will work out of the box.

Best,

Andre

0 Kudos
1 Reply
asabban
Level 17

Re: Gateway not authenticating - Explicit, NTML

Jump to solution

Yes. You have changed the "Authenticate" action to a "Block" action in the "Authenticate With User Database" rule. This means when the browser comes with no credentials at all for the first time MWG will not send an HTTP/407 status code to trigger authentication at the browser, but will throw a block action right away. The browser will never have a chance to authenticate.

Please try using the default rule set that ships with the product. If the setup to the Active Directory works fine (which seems to be the case) authentication will work out of the box.

Best,

Andre

0 Kudos