cntlm: Proxy returning invalid challenge
Amedee Van Gasse (ub)
amedee-ubuntu at amedee.be
Mon Oct 11 18:44:34 UTC 2010
I'm taking evening classes Java. The internet connection is protected with
an ISA server. We got the proxy server, port, login and password from the
teacher.
My fellow students all have Windows on their laptop and have no problem to
get online with their browser.
For me it doesn't work because it appears that ISA requires NTLM
authentication. I installed and configured cntlm but it still doesn't
work.
This is my /etc/cntlm.conf (comments stripped):
Username username
Password password
Proxy 192.168.5.253:8080
NoProxy localhost, 127.0.0.*, 10.*, 192.168.*
Listen 3128
When I run 'sudo /usr/sbin/cntlm -v', I get the following output:
section: global, Username = 'username'
section: global, Password = 'password'
section: global, Proxy = '192.168.5.253:8080'
section: global, NoProxy = 'localhost, 127.0.0.*, 10.*, 192.168.*'
section: global, Listen = '3128'
Default config file opened successfully
cntlm: Proxy listening on 127.0.0.1:3128
cntlm: Resolving proxy 192.168.5.253...
Adding no-proxy for: 'localhost'
Adding no-proxy for: '127.0.0.*'
Adding no-proxy for: '10.*'
Adding no-proxy for: '192.168.*'
cntlm: Workstation name used: deagol
cntlm: Using following NTLM hashes: NTLMv2(1) NT(0) LM(0)
cntlm[2685]: Cntlm ready, staying in the foreground
******* Round 1 C: 5 *******
Reading headers (5)...
HEAD: GET http://leerstad.be/ HTTP/1.1
NO: leerstad.be (localhost)
NO: leerstad.be (127.0.0.*)
NO: leerstad.be (10.*)
NO: leerstad.be (192.168.*)
Thread processing...
Host => leerstad.be
User-Agent => Mozilla/5.0 (X11; U; Linux i686; nl;
rv:1.9.2.10) Gecko/20100922 Ubuntu/10.10 (maverick) Firefox/3.6.10
Accept =>
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language => nl,en-us;q=0.7,en;q=0.3
Accept-Encoding => gzip,deflate
Accept-Charset => ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive => 115
Proxy-Connection => keep-alive
Cache-Control => max-age=0
cntlm[2343]: 127.0.0.1 GET http://leerstad.be/
NTLM Request:
Domain:
Hostname: deagol
Flags: 0xA208B205
Sending PROXY auth request...
Host => leerstad.be
User-Agent => Mozilla/5.0 (X11; U; Linux i686; nl;
rv:1.9.2.10) Gecko/20100922 Ubuntu/10.10 (maverick) Firefox/3.6.10
Accept =>
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language => nl,en-us;q=0.7,en;q=0.3
Accept-Encoding => gzip,deflate
Accept-Charset => ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive => 115
Proxy-Connection => keep-alive
Cache-Control => max-age=0
Proxy-Authorization => NTLM
TlRMTVNTUAABAAAABbIIogAAAAAmAAAABgAGACAAAABERUFHT0w=
Content-Length => 0
Reading PROXY auth response...
HEAD: HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires
authorization to fulfill the request. Access to the Web Proxy filter is
denied. )
Via => 1.1 SERV-PROXY
Proxy-Authenticate => Negotiate
Proxy-Authenticate => Kerberos
Proxy-Authenticate => NTLM
Connection => close
Proxy-Connection => close
Pragma => no-cache
Cache-Control => no-cache
Content-Type => text/html
Content-Length => 4118
Discarding 4118 bytes.
cntlm[2343]: Proxy returning invalid challenge!
Sending headers (6)...
Host => leerstad.be
User-Agent => Mozilla/5.0 (X11; U; Linux i686; nl;
rv:1.9.2.10) Gecko/20100922 Ubuntu/10.10 (maverick) Firefox/3.6.10
Accept =>
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language => nl,en-us;q=0.7,en;q=0.3
Accept-Encoding => gzip,deflate
Accept-Charset => ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive => 115
Proxy-Connection => keep-alive
Cache-Control => max-age=0
headers_send: fd 6 warning -999 (connection closed)
forward_request: palive=0, authok=0, ntlm=0, closed=1
Thread finished.
proxy_thread: request rc = ffffffff
Joining thread 3079035760; rc: 0
Username is correct, password is correct, proxy server is correct, domain
is not needed. What else did I get wrong?
Kind regards,
Amedee Van Gasse
More information about the ubuntu-users
mailing list