Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configuring NTLM authentication on ACE 4710

Hi all,

     We are deploying a Microsoft Exchange 2010 server environment, which will have a ACE 4710 front end.  What we are finding is that if a server goes down, a client will need to re-authenticate to a new server.  The server team has informed me that if they use Microsoft SLB this does not happen.  They have also mentioned that we are getting basic authentication, rather than NTLM.  As a result I have read several posts/articles which mention forcing NTLM on the ACE, but none go into real detail.

     A couple of official Cisco documents point to having the Exchange Server, and Client both set to use NTLM.  So on the server you do not need to select MAPI encryption.  I am told this is not an option here, because a multitude of clients are supported, from Outlook 2003, through to 2010.

     Any pointers would be much appreciated.


Cisco Employee

Configuring NTLM authentication on ACE 4710

Hi Mike

Could you please clarify what exactly you need to achieve ?

Because e.g. if you have serverfarm with 3 servers, and ACE which loadblance some traffic to them, then ACE can't be responsible for any of things you described.

I mean - Decision about what authentication Basic or NTLM to use, is made on Client/Server side, not on some device which is responsible for redirection traffic. ACE can't be  some kind of Authentication Gateway.

Regarding reauthentication, it's not clear either. E.g client was authenticated on server #1 , it failed, how server #2 can know that client was authenticated on server#1. They should have some kind of synchronization in this case, but it's definitely should run on MS side.

CreatePlease login to create content