Regarding NTLMv2 vs NTLMv1 when using SSO

Description

Regarding NTLMv2 vs NTLMv1 when using SSO

Resolution

 

Feature/Application:

NTLMv2 does not support RADIUS or MS-CHAPv2.  For this reason, when attempting to implement SSO using NTLM, it is recommended to use NTLMv1.  More details can be found on https://www.sonicwall.com/en-us/support/knowledge-base/170504434489882.

It is of course possible to use alternative methods of connecting non-windows devices that might have domain users to the network using their credentials if use of NTLMv1 is not desired, such as having them log directly into the firewall, or accessing a wireless network that relays their authentication information directly to radius, or even use a GroupVPN or SSLPVN policy from a different zone to access the LAN zone.

Related Articles

  • Custom DPI-SSL certificate generation and re-signing for expired DPI-SSL certificates on SonicOS 7.0.1
    Read More
  • Cysurance Partner FAQ
    Read More
  • How to apply CFS policies to SAML User Groups using OKTA as IdP?
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community