Forum Discussion

Habib_Ulla_Khan's avatar
Habib_Ulla_Khan
Icon for Nimbostratus rankNimbostratus
Apr 12, 2017

F5 LTM doesnt pass the credential to server.

Hi All,

 

i have a vip configured on LTM (no APM/access policy). Basically when i access server directly my windows credentials are passed to server and authentication happens , page launches.

 

When i do the same through the url which is mapped to f5 LB VIP, its gives error "You are not authorized to view this page, please contact System Administrator". I the header the difference i see is as below.

 

  • Direct to server
  • General
  • Request URL:[]
  • Request Method:GET
  • Status Code:200 OK
  • Remote Address:172.27.60.20:80
  • Referrer Policy:no-referrer-when-downgrade

Request Headers * Accept:application/json, text/javascript, /; q=0.01 * Accept-Encoding:gzip, deflate, sdch * Accept-Language:en-US,en;q=0.8 * Connection:keep-alive * Content-Type:application/json; charset=utf-8 * Cookie:ASP.NET_SessionId=r1q4wdw4sum4rr30pirdwnq3 * Host:swdohd2psim0003 * Referer: * User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 X-Requested-With:XMLHttpRequest

 

  • Query String Parameters
  • userId:75537
  • taskType:mlog

Through F5 LB * General * Request URL:[https://tipsuat.xxxxx.com.ca/tips/Dashboard/Dashboard/GetMyMlogs?taskType=mlog] * Request Method:GET * Status Code:200 OK * Remote Address:1x2.2.x9.x0:443 * Referrer Policy:no-referrer-when-downgrade

 

  • Response Headers
  • view source
  • Cache-Control:private, s-maxage=0
  • Content-Type:text/html; charset=utf-8
  • Date:Wed, 12 Apr 2017 09:36:56 GMT
  • Persistent-Auth:true
  • Server:Microsoft-IIS/8.5
  • Transfer-Encoding:chunked
  • X-AspNet-Version:4.0.30319
  • X-AspNetMvc-Version:5.1
  • X-Powered-By:ASP.NET

     

  • Request Headers

     

  • view source
  • Accept:application/json, text/javascript, /; q=0.01
  • Accept-Encoding:gzip, deflate, sdch, br
  • Accept-Language:en-US,en;q=0.8
  • Connection:keep-alive
  • Content-Type:application/json; charset=utf-8
  • Cookie:__RequestVerificationToken_L1NJTVM1=aY1eDJv-IYR_mOAfkarVzpeQ-XxMEfSYAZZ8k1s2Mv92UuS28pokWy1P1Uk3tKuSoeRCG0sHttgCUx_YHs9yVS0OnGJTgIiDJ89aLEWTHDo1; ASP.NET_SessionId=drafkwmmrjzrbhkfjemwkedl
  • Host:tipsuat.xxxxx.com.ca
  • Referer:[https://tipsuat.xxxxx.com.ca/tips/Dashboard/Dashboard]
  • User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
  • X-Requested-With:XMLHttpRequest
  • Query String Parameters
  • view source
  • view URL encoded
  • taskType:mlog

Let me know if any solution. I have tried using NTLM disable irule but that didnt help.

 

1 Reply

  • You need to capture the traffic using an HTTP debug tool, like HttpWatch or Fiddler, and collect the traffic via F5 and direct to the server. It will tell you what is different, and where to look next. Probably, it will show you that the authentication is sent to a different URL.

     

    If you need help to understand the output, post here (also the relevant part of the F5 configuration), and I will have a look.