Regarding NTLMv2 vs NTLMv1 when using SSO

Description

Regarding NTLMv2 vs NTLMv1 when using SSO

Resolution

 

Feature/Application:

NTLMv2 does not support RADIUS or MS-CHAPv2.  For this reason, when attempting to implement SSO using NTLM, it is recommended to use NTLMv1.  More details can be found on https://www.sonicwall.com/en-us/support/knowledge-base/170504434489882.

It is of course possible to use alternative methods of connecting non-windows devices that might have domain users to the network using their credentials if use of NTLMv1 is not desired, such as having them log directly into the firewall, or accessing a wireless network that relays their authentication information directly to radius, or even use a GroupVPN or SSLPVN policy from a different zone to access the LAN zone.

Related Articles

  • How to create a dedicated user with the least privileges for the SSO agent
    Read More
  • How can I configure BGP (Border Gateway Protocol) with single ISP and advertise your public network?
    Read More
  • Expanded license for A/A Clustering and BGP
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community