VMware NSX

 View Only
  • 1.  NSX-V application rules for NTLM Authentication

    Posted Jul 24, 2019 11:36 PM

    I'm attempting to load balance a web app that was previously not load balanced. I've found a few documents about application rules required to Load Balance NTLM and I've tried them all.

    option http-keep-alive

    no option http-server-close

    no option httpclose

    etc...

    No dice. Has anyone had success adding application rules to support NTLM authentication? Frontend server is SharePoint and backend is IIS web services. At a certain point I need to be able to point at the application design if it hasn't been changed at all to accommodate the addition of a load balancer, but this is our first load balanced app in NSX so I'm struggling with the application rule syntax. Appreciate any insight anyone has!



  • 2.  RE: NSX-V application rules for NTLM Authentication

    Posted Feb 20, 2020 07:14 AM

    Hi, moniblu!

    We have the same problem (IIS+SharePoint+NTML).  Did you find any solution?



  • 3.  RE: NSX-V application rules for NTLM Authentication

    Broadcom Employee
    Posted Feb 20, 2020 12:58 PM

    Have we got NTLM to work through an NSX-v ESG load balaner, yes.  We have this running in our environment.  Not sure what app the back-end web sever is running.

    Based on what you're saying, you may have already tried this.

    May want to confirm that session persistence is configured.



  • 4.  RE: NSX-V application rules for NTLM Authentication

    Posted Feb 21, 2020 06:01 AM

    "no option http-server-close" did not help us. Therefore we changed L7 -> L4 and now waiting for test results.  



  • 5.  RE: NSX-V application rules for NTLM Authentication

    Posted Feb 20, 2020 04:41 PM

    Unfortunately the app design did not support load balancing and we had to move that single application off on to a standalone server. All the other web services worked fine for NTLM but there was something in the way that app operated that the sticky sessions  and application rules just weren't enough to prevent multiple auth attempts. The developers weren't willing to rework it to support LB so this is how it will be until they redesign it! Hope that's not the case for your app, but if it wasn't on an NLB before it's worth talking about.



  • 6.  RE: NSX-V application rules for NTLM Authentication

    Posted Feb 21, 2020 06:02 AM

    Thanks for your answer!