NTLM Proxy Mode
In LoadMaster firmware version 18.104.22.168 Long Term Support (LTS) and 7.2.53, a new NTLM Proxy Mode option was added to the LoadMaster. When upgrading from an older version of LoadMaster firmware to one of these versions (or above) the NTLM Proxy Mode option is not enabled by default. As a result, you must manually enable NTLM Proxy Mode after upgrading.
For all new deployments of LoadMasters after 22.214.171.124 LTS or 7.2.53, NTLM Proxy Mode is enabled by default.
When NTLM Proxy Mode is enabled, NTLM authorization works against the Real Servers. If NTLM Proxy Mode is disabled, the old insecure NTLM processing is performed.
Kemp highly recommends ensuring that NTLM Proxy Mode is enabled.
To ensure NTLM Proxy Mode is enabled, follow these steps in the LoadMaster Web User Interface (WUI):
1. In the main menu, go to System Configuration > Miscellaneous Options > L7 Configuration.
2. Ensure NTLM Proxy Mode is enabled.
When NTLM Proxy Mode is enabled globally, the Client Authentication Mode in Virtual Services is called NTLM-Proxy. If NTLM Proxy Mode is disabled globally, the Client Authentication Mode in Virtual Services is called NTLM.
For further details on NTLM in general, refer to the NTLM Feature Description.