Hi Yutaka, Thanks for your reply. I now have the following configuration: -Pip-to-listen-on:443 ADMIN=admin@oce.. DGROOT="/DeleGate/" DELAY=reject:0,unknown:0 SERVER=https AUTHORIZER=-ntht HTTPCONF=methods:* STLS="fsv,fcl,sslway -cert lib/cert.crt -key lib/cert.key" MOUNT="/* https://destination_ip/* via=other-ip-of-delegate-server" REACHABLE=destination_ip:443 RELIABLE="*" The setup is as follows: IIS (destination ip) - (other-ip-of-delegate-server) delegate (ip-to-listen-on) - client In IIS windows integrated authentication (NTLM) is enabled. Still, when connecting to delegate, I'm unable to connect. The logfile shows: 09/04 09:59:33.97 [2444] 3+1: REQUEST - GET / HTTP/1.1^M 09/04 09:59:33.97 [2444] 3+1: *** / => destination_ip/ *** 09/04 09:59:33.97 [2444] 3+1: REQUEST +M destination_ip/ HTTP/1.1^M 09/04 09:59:33.98 [2444] 3+1: ----NTHT accept 0 MO=1 UT=0 09/04 09:59:33.98 [2444] 3+1: ----NTHT_accept(0,53,53) ss=0 09/04 09:59:33.98 [2444] 3+1: ####cred name=NT AUTHORITY\SYSTEM 09/04 09:59:33.98 [2444] 3+1: ====NTLM Start 09/04 09:59:33.98 [2444] 3+1: SOCKET recv(41)=0 error=0 [0.000] TCP AF_INET :1228 << :1227 09/04 09:59:33.98 [2444] 3+1: ## SSLway FCL S-C:64/1 C-S:713/1 (WIN) 08:59:33.982 [2444] send(346) = -1+0 errno=10058 [1728] 09/04 09:59:33.98 [2444] 3+1: ## got SIGPIPE [1] in HTTP: (WIN) 08:59:33.982 [2444] +++EPIPE[53] fflushTIMEOUT() for EOF 09/04 09:59:33.98 [2444] 3+1: ClientEOF: request-EOF-7 [53 53] 330 8000 1 09/04 09:59:33.98 [2444] 3+1: HCKA:[0] closed -- d:by client(request EOF-7) 09/04 09:59:33.98 [2444] 3+1: disconnected [53] -@[ip]hostname:31199 (0.328s)(0) Is there something wrong in my setup / configuration or did I miss anything? Any help would be appreciated. In your documentation I don't find anything about the -Enh option. Kind regards, Willy Nagel. -----Original Message----- From: Yutaka Sato [mailto:feedback@delegate.org] Sent: Tuesday, September 02, 2008 8:17 PM To: feedback@delegate.org Cc: Nagel, Willy Subject: Re: [DeleGate-En] FW: [DeleGate-En] Windows Integrated Authentication Hi, In message <_A4098@delegate-en.ML_> on 09/02/08(20:53:51) you "Nagel, Willy" <ptihqbdyi-j73qrjk4emlr.ml@ml.delegate.org> wrote: |This doesn't seem to resolve the issue. |Maybe you have another clue? |Here's what appears in the logfile (beneath this logfile are results |when not using the HTTPCONF add-rhead value): ... |Conveying NTLM authentication over HTTP seems be defined in RFC4559 and It seems that I implemented "NTLM over HTTP" in DeleGate/9.8.2 as CHANGES file records: >9.8.2 080625 new {env,http}.c: added -Enh to enable NTHT proxy (NTLM >over HTTP) Thus recent DeleGate should work with it with "-Enh" option. Cheers, Yutaka -- 9 9 Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/ ( ~ ) National Institute of Advanced Industrial Science and Technology _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan Do the more with the less -- B. Fuller This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law. If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message. Thank you for your co-operation.
V