Fortinet black logo

Handbook

Configuring an NTLM authentication server

Configuring an NTLM authentication server

You can use a NTLM authentication server to authenticate user login to destination server.

Before you begin:

  • You must know the IP address, port, used to access the NTLM server.
  • You must have Read-Write permission for User settings.
Basic steps:
  1. Configure a connection to an NTLM server that can authenticate user login.
  2. Select the NTLM server configuration when you add users or user groups.
To create a NTLM server configuration:

1. Go to User Authentication > Remote Server.

2. Select the NTLM Server tab.

3. Click Create New to display the configuration editor.

4. Complete the configuration as described below.

5. Save the configuration.

Settings Guidelines
Name

Specify a unique name for the NTLM server configuration. Valid characters are A-Z, a-z, 0- 9, _, and -. No spaces allowed.

After you save the configuration, you cannot edit the name.

Server IP address of the remote NTLM server.
Port The listening port of the NTLM server. The commonly used port for an NTLM server is 445.

After configuring an NTLM server, configure a user group and add a member of NTLM type. This makes it possible for related authentication policy and virtual server to work under NTLM authentication.

Note: For user groups with “Client Authentication Method” set to “NTLM”, only allow use of an NTLM server as member; for “Client Authentication Method” set to “HTML form” and “HTTP”, use “NTLM server” is also allowed. Only NTLM version 1 is supported.

Configuring an NTLM authentication server

You can use a NTLM authentication server to authenticate user login to destination server.

Before you begin:

  • You must know the IP address, port, used to access the NTLM server.
  • You must have Read-Write permission for User settings.
Basic steps:
  1. Configure a connection to an NTLM server that can authenticate user login.
  2. Select the NTLM server configuration when you add users or user groups.
To create a NTLM server configuration:

1. Go to User Authentication > Remote Server.

2. Select the NTLM Server tab.

3. Click Create New to display the configuration editor.

4. Complete the configuration as described below.

5. Save the configuration.

Settings Guidelines
Name

Specify a unique name for the NTLM server configuration. Valid characters are A-Z, a-z, 0- 9, _, and -. No spaces allowed.

After you save the configuration, you cannot edit the name.

Server IP address of the remote NTLM server.
Port The listening port of the NTLM server. The commonly used port for an NTLM server is 445.

After configuring an NTLM server, configure a user group and add a member of NTLM type. This makes it possible for related authentication policy and virtual server to work under NTLM authentication.

Note: For user groups with “Client Authentication Method” set to “NTLM”, only allow use of an NTLM server as member; for “Client Authentication Method” set to “HTML form” and “HTTP”, use “NTLM server” is also allowed. Only NTLM version 1 is supported.