ApplicGate
(v12.0.9091.1083 started 2024-11-20 23:42:13 on VM2)

NTLM authentication support when routing via proxies with keyword CONNECT: (for Windows only!)
For NTLM support the software cntlm is used. See http://cntlm.sourceforge.net

Prerequisites:
cntlm.exe and cygwin1.dll must be stored in the same path as ApplicGate.exe
cntlm.ini must be stored in the same path as the routing table.
cntlm.ini must contain values for:
- Username
- Domain
- Password hashes for PassLM, PasNT and PassNTLMv2: run "cntlm -H" and insert the lines into cntlm.ini
- Proxy ... proxy:port
- Listen ... ipaddress:port
Example:
Username UserA
Domain DOMA
PassNTLMv2 F95B118....
Proxy proxy1.doma.net:84
Proxy proxy2.doma.net:84
Listen 127.0.0.1:3128

When ApplicGate starts it starts cntlm.exe if cntlm.ini has been found.
Output of cntlm.exe is redirected to the ApplicGate log file.
cntlm.exe can be started via scntlm and killed via kcntlm
Within rules as DestinationIP and DestinationPort the values configured as Listen in cntlm.ini have to be used.
Then cntlm.exe will connect to the configured proxy, authenticate and forward the CONNECT keyword.

Remark:
When ApplicGate is stopped via web interface, cntlm.exe will be stopped also.
When ApplicGate is killed, cntlm.exe remains running!

ApplicGate Logo  reinhold.leitner@applicgate.com (C) November 2024
www.applicgate.com