12-06-2016 04:12 AM
Hi All , im trying to get to grips with our new VTM's , and im struggling to get one of our websites moved over to them
i have set up the virtual servers, so that anything on http redirects to https , and talks to the back node on http.
i can connect through to the servers, and get a logon prompt (windows ntlm) which just keeps popping up wether you enter correct credentials or not
now we have the exact same thing set up on an old pair of TMG servers, which works absoloutly fine, it accepts the credentials and carries on
i have no idea how it is working on the TMGs and not the VTM's, im thinking its because the TMGs have a setting for AUthentication delegation which is set to No delegation , but client may authenticate directly..
any ideas how i can resolve this issue and have users able to authenticate? is this the double hop problem?
12-06-2016 06:31 AM
ok, slight advancement
i can now get this working in internet explorer by turning Transparent Proxying on, in the protocol settings of the virtual server
but it still failed withn chrome and internet explorer
12-08-2016 01:38 AM
12-09-2016 03:57 AM
Hi Baptiste, thanks for your reply
1. you need to configured persistence on vADC because your app servers don't share user session information
i have tried multiple types of session persistence. cookie , ip, asp cookie. all with no effect
2. you have not enabled http keepalive on the vadc (either client or server side)
keep alive is turned on, both for the virtual server, and the pool
3. the IP address of the vADC or the traffic ip is not "trusted" (or in a trusted network)
the IP of the site is set as a trused site, i have added the VTM's but it has had no effect
i have ran fiddler to see if i could see what is going on, and low and behold it works, but only when fiddler is running, i wonder if this could be something to do with keepalive then?