Archived Forum Post

Index of archived forum posts

Question:

NTLM Proxy authentication

Nov 23 '15 at 04:23

I have an application that connects to an sFTP site with no problems, that is until a proxy is used that requires NTLM authentication.

19/11/2015 12:14:34 : Connection failed, : ChilkatLog: Connect_SFtp:

DllDate: Dec  5 2014
ChilkatVersion: 9.5.0.46
UnlockPrefix: BROADRSSH
Username: *:*
Architecture: Little Endian; 32-bit
Language: .NET 4.0
VerboseLogging: 0
SftpVersion: 0
hostname: *.*.*.*
port: 22
httpProxyConnect:
  proxyHostname: *.*.*.*
  proxyPort: 8080
  proxyAuthMethod: NTLM
  proxyUsername: pricep
  proxyConnectNtlm:
    t1_flags: 0x8a207
    ConnectRequest: CONNECT 193.36.1.56:22 HTTP/1.1

Connection: Keep-Alive Proxy-Connection: Keep-Alive Host: 193.36.1.56 Proxy-Authorization: NTLM TlRMTVNTUAABAAAAB6IIAAAAAAAAAAAADgAOACAAAABMT05EMTMzNVBSSUNFUA==

Sending CONNECT with NTLM Type1 message to proxy... Receiving NTLM TYPE2 message from proxy... NtlmChallenge: TlRMTVNTUAACAAAAAAAAAAAAAAAFgokA5n178cNKcPgAAAAAAAAAAAAAAAAAAAAA

    genType3:
      TargetName: 
      nbComputer: 
      nbDomain: 
      dnsComputer: 
      dnsDomain: 
      t2_flags: 0x898205
      t3_flags: 0x88205
      ntlmDomain: 
      ntlmUsername: pricep
      workstation: LOND1335PRICEP
      Generating random client challenge.
      ClientChallenge: 4172 B7D8 307A 45D1
      NtlmVersion: 1
      ntlmVersion1:
        LmResponse: 4172 B7D8 307A 45D1 0000 0000 0000 0000

0000 0000 0000 0000

        NtResponse: A5CA AA69 484D 658B 780F FD42 4A6F 2BDA

D226 ECCC 738B EA1A

      --ntlmVersion1
    --genType3
    Sending CONNECT with NTLM Type3 message to proxy...
    Type3Response: HTTP/1.1 407 authenticationrequired

Via: 1.1 10.32.22.20 (McAfee Web Gateway 7.5.2.2.0.19971) Date: Thu, 19 Nov 2015 12:14:34 GMT

Content-Type: text/html

Cache-Control: no-cache

Content-Length: 2548

Proxy-Connection: Keep-Alive

Proxy-Authenticate: NTLM

Proxy-Authenticate: Basic realm="McAfee Web Gateway"

  --proxyConnectNtlm
--httpProxyConnect
Failed to establish initial TCP/IP connection
Failed.

--Connect_SFtp --ChilkatLog

The code I use to configure the proxy for Http / Ntlm is as follows

            case ProxyType.Http:
                _audit.Audit("Configuring proxy settings for Http");
                _sftp.HttpProxyHostname = proxyHostname;
                _sftp.HttpProxyPort = proxyPort;
                _sftp.HttpProxyUsername = proxyUserName;
                _sftp.HttpProxyPassword = PasswordEncrypt.Decode(proxyPassword);

                if (!string.IsNullOrWhiteSpace(proxyUserName))
                {
                    _audit.Audit("Configuring proxy Authentication for Http as " + authMode);
                    _sftp.HttpProxyAuthMethod = authMode == ProxyHttpAuthMode.Ntlm ? "NTLM" : "Basic";
                }
                break;

Can anybody see what I have missed or I am doing wrong? (the ip addresses have been masked)

---

Answer

I would recommend first testing with the latest version of Chilkat to see if the status of the problem changes..