moniblu
Contributor
Contributor

NSX-V application rules for NTLM Authentication

I'm attempting to load balance a web app that was previously not load balanced. I've found a few documents about application rules required to Load Balance NTLM and I've tried them all.

option http-keep-alive

no option http-server-close

no option httpclose

etc...

No dice. Has anyone had success adding application rules to support NTLM authentication? Frontend server is SharePoint and backend is IIS web services. At a certain point I need to be able to point at the application design if it hasn't been changed at all to accommodate the addition of a load balancer, but this is our first load balanced app in NSX so I'm struggling with the application rule syntax. Appreciate any insight anyone has!

5 Replies
dima_r
Contributor
Contributor

Hi, moniblu!

We have the same problem (IIS+SharePoint+NTML).  Did you find any solution?

0 Kudos
larsonm
Expert
Expert

Have we got NTLM to work through an NSX-v ESG load balaner, yes.  We have this running in our environment.  Not sure what app the back-end web sever is running.

pastedImage_0.png

Based on what you're saying, you may have already tried this.

May want to confirm that session persistence is configured.

0 Kudos
moniblu
Contributor
Contributor

Unfortunately the app design did not support load balancing and we had to move that single application off on to a standalone server. All the other web services worked fine for NTLM but there was something in the way that app operated that the sticky sessions  and application rules just weren't enough to prevent multiple auth attempts. The developers weren't willing to rework it to support LB so this is how it will be until they redesign it! Hope that's not the case for your app, but if it wasn't on an NLB before it's worth talking about.

dima_r
Contributor
Contributor

"no option http-server-close" did not help us. Therefore we changed L7 -> L4 and now waiting for test results.  

dima_r
Contributor
Contributor

Thanks for your answer!