The ProxySG or Advanced Secure Gateway appliance prompts Microsoft Lync for authentication challenge

book

Article ID: 168850

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When the ProxySG or Advanced Secure Gateway appliance accesses Microsoft Lync, it prompts Lync for authentication.
 

Cause

Microsoft Lync does not work well with NTLM authentication challenges from the ProxySG or Advanced Secure Gateway appliance.
 

Resolution

Implement the following CPL rules to bypass authentication for Microsoft Lync related domains:

<Proxy> 
condition=lync_login authenticate(no) Allow 

define condition lync_login 
url.domain=company_domain.com    -- change based on case by case basi
url.domain=infra.lync.com 
url.domain=edge.messenger.live.com 
url.domain=outlook.office365.com 
end    


Note: The above rule example turns off authentication and also allows requests to the domains in the lync_login condition.  If requests for Lync are allowed/blocked within different points in policy then the 'Allow' portion of the CPL example above can be removed.