• The application running on the pool members is accessible through the VIP, however, it constantly shows an error when the user tries to get a report. When the request works the users sees an authentication prompt; after adding the credentials it lets the user get the report. This is rarely seen with IE11 but happens almost every time with MS Edge, Firefox and Chrome.
• You see entries similar to the following in the logs:

34:630810:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http request line: "POST /PEPS%20Reports/PEPS_rpt_PrintedEstimates.aspx HTTP/1.1"
89:630865:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http header: "Content-Length: 293912"
1115:632684:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http proxy status 401 "401 Unauthorized"
1210:632834:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http request line: "POST /PEPS%20Reports/PEPS_rpt_PrintedEstimates.aspx HTTP/1.1"
1265:632889:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http header: "Content-Length: 293912"
1266:632890:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http header: "Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAKALpHAAAADw=="
2848:635273:2022/02/24 14:49:07 [debug] 26682#0: *2480191 http proxy status 401 "401 Unauthorized"

VMware NSX-T Data Center 3.1.x

The issue only happens when the 1st http request in the session is with huge request body.

If users enable the NTLM authentication in backend servers, when users using Chrome, Firefox and edge browser, they might fail at NTLM authentication if the 1st http request in the session is with long request body.

Workaround:

• Use IE11 browser
• Use Layer 4 virtual server instead of Layer 7 virtual server.

Impact/Risks:
The access to backend server would fail in NTLM authentication, and cannot access the backend server as expected.