refra_151287
Cirrus
CirrusHealth Monitor Authentication issue!
Hi Experts,
I want to use authentication for https monitor:
Configuration:I configured the monitor as follow, and applied it to the member 10.10.3.38:
(tmos) list ltm monitor http TEset
ltm monitor http TEset {
defaults-from http
destination *:http
interval 5
ip-dscp 0
password $M$Di$qDUaY70YZlWkuZZAqqD2uw==
send "GET /default1.asp HTTP/1.1\r\nHost: 10.10.3.38\r\nConnection: Close\r\n\r\n"
time-until-up 0
timeout 16
username admin
}
BUT the status of the member is always down, even I didn't specify a receive sting!!!!!!!
SSLDUMP:
when I tried to do ssldump I've got the output as follow:
[root@ADIB:Active:In Sync] config ssldump -Aed -nni 0.0 host 10.10.3.38
New TCP connection 1: 10.10.3.242(21722) <-> 10.10.3.38(80)
1430247122.9756 (0.0013) C>S
GET / HTTP/1.1
Host: 10.10.3.38
Connection: Close
Authorization: Basic Z2ZzbXRzYWRtaW46Wml0YU9jdDBiZXI=
1430247122.9763 (0.0006) S>C
HTTP/1.1 401 Unauthorized
Content-Length: 1656
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Tue, 28 Apr 2015 18:33:32 GMT
Connection: close
........ snipped ..........
1 1430247122.9763 (0.0000) S>C TCP FIN
1430247122.9773 (0.0010) C>S
---------------------------------------------------------------
GET / HTTP/1.1
Host: 10.10.3.38
Connection: Close
Authorization: NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
---------------------------------------------------------------
1 1430247122.9773 (0.0000) C>S TCP FIN
New TCP connection 2: 10.10.3.242(59150) <-> 10.10.3.38(80)
1430247127.9799 (0.0013) C>S
---------------------------------------------------------------
GET / HTTP/1.1
Host: 10.10.3.38
Connection: Close
Authorization: Basic Z2ZzbXRzYWRtaW46Wml0YU9jdDBiZXI=
when I tried to do curl with authentication it passed, as follow:
config curl -v --ntlm -u 'admin:P@S$w0rD' http://10.10.3.38
* About to connect() to 10.10.3.38 port 80 (0)
* Trying 10.10.3.38... connected
* Connected to 10.10.3.38 (10.10.3.38) port 80 (0)
* Server auth using NTLM with user 'admin'
> GET / HTTP/1.1
> Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 OpenSSL/1.0.1h zlib/1.2.3 libidn/0.6.5
> Host: 10.10.3.38
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Length: 1539
< Content-Type: text/html
< Server: Microsoft-IIS/6.0
< WWW-Authenticate: NTLM TlRMTVNTUAACAAAABgAGADgAAAAGgokCY61ZBgjsYlUAAAAAAAAAAH4AfgA+AAAABQLODgAAAA9BRElCSE8CAAwAQQBEAEkAQgBIAE8AAQAOAEUARwBCAFIAQQAwADYABAAUAGEAZABpAGIALgBjAG8ALgBhAGUAAwAkAGUAZwBiAHIAYQAwADYALgBhAGQAaQBiAC4AYwBvAC4AYQBlAAUAFABhAGQAaQBiAC4AYwBvAC4AYQBlAAAAAAA=
< X-Powered-By: ASP.NET
< Date: Tue, 28 Apr 2015 19:02:17 GMT
<
......snipped.............
> GET / HTTP/1.1
> Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACwALAHAAAAAEAAQAewAAAAAAAAAAAAAABoKJAiYV8respdC3AAAAAAAAAAAAAAAAAAAAAK2YLzid4t8Y05whwkOyQw/pqyJJALUfsGdmc210c2FkbWluQURJQg==
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 OpenSSL/1.0.1h zlib/1.2.3 libidn/0.6.5
> Host: 10.10.3.38
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Tue, 28 Apr 2015 19:02:18 GMT
< Server: Microsoft-IIS/6.0
< X-Powered-By: ASP.NET
< Content-Length: 497
< Content-Type: text/html
< Set-Cookie: ASPSESSIONIDAAQRTSTQ=IHPBALNDKIKOEEFFKLPDMGNN; path=/
< Cache-control: private
........snipped........
* Connection 0 to host 10.10.3.38 left intact
* Closing connection 0
thanks in advance!
