Using Internet Relay Chat and MSN behind ISA Server

Taking care of your Linux box.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Using Internet Relay Chat and MSN behind ISA Server

Post by LinuxFreaK »

Dear All PLUCians,
Salam,

Many Desi Cable Net users asked me how to run IRC and MSN behind MS ISA Server, so I did a lot of searching and found NTLM Authorization Proxy Server. Check it out; I hope it will help you guys a lot.

Best Regards.
Farrukh Ahmed
mahin
Major
Posts: 605
Joined: Wed Aug 07, 2002 8:00 pm
Location: Karachi

Using Internet Relay Chat and MSN behind ISA Server

Post by mahin »

Nice work :) and it is really required, with over 27% now relying upon DCN for internet access [Spider Survey].

Would you care to write a HowTo and post that at PLUC Wiki?

Maybe you can include some info about Gaim.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear Mahin,
Salam,

Authentication method not supported message (MS Proxy Server, IIS, and others)
Platform: All platforms

This error message will appear when you try to visit a server which uses NTLM (NT Lan Manager) authentication:

"The server requested a login authentication method that is not supported."

This error can apply to the Microsoft Internet Security and Acceleration Server (ISA), which has encrypted authentication enabled by default. This can be changed in the server properties: "Edit Identification" - enable "Basic with this domain".

A possible solution to the problem if basic authentication cannot be used is to use the NTLM Authorization Proxy Server (http://www.geocities.com/rozmanov/ntlm/), which allows you to authenticate using Microsoft's proprietary NTLM protocol.

You may also see the error on similarly configured Microsoft IIS (Internet Information System) servers.

If this error message appears when you try to connect to your proxy server with Opera, it is probably because it is running MS Proxy Server 2.0 with encrypted authentication:

"The proxy server requested a login authentication method that is not supported."

This proxy server will not work with Opera unless you download and install the MS Proxy Client (mspclnt). Ask your network administrator to configure the server in such a way that it gives you access to the Internet through use of the mspclnt. Then configure Opera as if you were connected to the Internet without using a proxy server. This involves removing all proxy information from your proxy settings. (Go to File > Preferences > Network > Proxy servers... and disable proxy for all protocols.)

Another possibility for the network administrator is to disable encrypted authentication and use basic authentication instead.

There are no plans to support NTLM, as it is proprietary, and might soon be dropped by Microsoft as well.

Sir, I wish I could, but I can't; there are lots of reasons, because I am not at DCN and I don't have much time to write a HowTo, but I will try my level best. I think I was in a little hurry to post it at LinuxPakistan; it is my mistake that I posted it without testing, but it is the solution. I will try it at the office, Insha'Allah. Check out the links below; they may help those who want to help themselves.

http://www.geocities.com/rozmanov/ntlm/
http://www.innovation.ch/java/ntlm.html

Best Regards.
Farrukh Ahmed
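
The exchange behind the "authentication method not supported" message quoted in the post above, as an added example that is not part of the original thread: it lists the schemes a proxy offers in a 407 response and decodes the NTLM Type 2 challenge that follows. The two responses, the challenge bytes and the domain name are constructed sample data.

```python
import base64
import struct

def offered_schemes(raw_response):
    """Map each scheme in the (Proxy|WWW)-Authenticate headers to its token."""
    schemes = {}
    head = raw_response.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() in ("proxy-authenticate", "www-authenticate"):
            scheme, _, token = value.strip().partition(" ")
            schemes[scheme.upper()] = token.strip()
    return schemes

def parse_ntlm_challenge(token_b64):
    """Decode the NTLM Type 2 (challenge) message the server sends back."""
    msg = base64.b64decode(token_b64)
    if msg[:8] != b"NTLMSSP\x00":
        raise ValueError("not an NTLMSSP message")
    (msg_type,) = struct.unpack_from("<I", msg, 8)
    if msg_type != 2:
        raise ValueError("expected Type 2, got Type %d" % msg_type)
    name_len, _max_len, name_off = struct.unpack_from("<HHI", msg, 12)
    (flags,) = struct.unpack_from("<I", msg, 20)
    raw_name = msg[name_off:name_off + name_len]
    # Bit 0 of the flags (NEGOTIATE_UNICODE) selects UTF-16LE for strings.
    target = raw_name.decode("utf-16-le" if flags & 0x1 else "ascii")
    return {"target": target, "flags": flags, "challenge": msg[24:32].hex()}

# --- constructed sample data (not captured from a real ISA server) ---
FIRST_407 = ("HTTP/1.1 407 Proxy Authentication Required\r\n"
             "Proxy-Authenticate: NTLM\r\n"
             "Proxy-Authenticate: Negotiate\r\n"
             "Content-Length: 0\r\n\r\n")
_name = "PRUEBAS".encode("utf-16-le")
_type2 = (b"NTLMSSP\x00" + struct.pack("<I", 2)
          + struct.pack("<HHI", len(_name), len(_name), 48)
          + struct.pack("<I", 0x00010201) + bytes(range(1, 9))
          + b"\x00" * 16 + _name)
SECOND_407 = ("HTTP/1.1 407 Proxy Authentication Required\r\n"
              "Proxy-Authenticate: NTLM " + base64.b64encode(_type2).decode()
              + "\r\n\r\n")

if __name__ == "__main__":
    first = offered_schemes(FIRST_407)
    print("offered:", sorted(first), "| Basic-only client can log in:", "BASIC" in first)
    print(parse_ntlm_challenge(offered_schemes(SECOND_407)["NTLM"]))
```

A client that only speaks Basic finds no usable scheme in the first response, which is the situation the error message describes.
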
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

How to connect to an M$ ISA Proxy server from GNU/Linux

Post by LinuxFreaK »

Dear All PLUCians,
Salam

In this article I explain how to connect to an M$ ISA Proxy server from GNU/Linux, since said proxy only accepts connections from Internet Explorer.


HOW TO CONNECT TO AN M$ ISA PROXY SERVER FROM GNU/LINUX

Dear companions, I suppose that more than one of you unfortunately works in a company where the proxy server runs under Windows and, to make matters worse, is MS ISA Proxy Server (or similar), which unavoidably forces us to use the malevolent Internet Explorer. For those of us who use GNU/Linux this is a great disadvantage, since it prevents us from connecting to the Internet. Well, a solution exists: its name is NTLM Authorization Proxy Server and it can be found on freshmeat.net.

NTLM Authorization Proxy Server acts as an intermediate proxy between the proxy on the Hasefroch server and our machine; that is to say, it is a proxy for another proxy, which is going to allow us to connect.

I will now explain the installation process:

The first thing we must do is download the program from the official page; to get to it you can click here (1).

Once we have downloaded the program, we proceed to install it. We must do the following:

tar -zxvf aps098.tar.gz
cd aps098

Once inside the program's directory, we can see that there are several files; the ones that matter to us most are main.py (the one that contains the script) and server.cfg, which is the one we will use to configure the program's behavior. We will edit the file server.cfg and look for the following options:

LISTEN_PORT: Port where NTLM listens for requests; by default it is 5865

Example: LISTEN_PORT:5865

PARENT_PROXY: Here we put the IP of the M$ proxy server

Example: PARENT_PROXY=10.8.1.3

PARENT_PROXY_PORT: Here we put the port of the M$ server

Example: PARENT_PROXY_PORT=8080

DOMAIN: Here we put the domain to which our network belongs

Example: DOMAIN:PRUEBAS

USER: User name for access to the M$ proxy

Example: USER:RAUL

PASSWORD: Password that has been assigned to us to access the M$ proxy

Example: PASSWORD:winkk_sucks

We save the file and run main.py.

In theory everything should work, but... what happens if we do not need a password to access the proxy? Then we can have a small problem: the password field cannot be left empty, because then it will ask us for the password on the command line and does not take no for an answer. The solution is the following.

Material needed: Mcedit (at least that is what I have used)

Let us solve the problem:

Once all the configuration of the file server.cfg is done (having left the password field blank), we do the following:

dd bs=1 count=1 if=/dev/zero of=zero.tmp
cat zero.tmp >> server.cfg

Now comes the good part:

mcedit server.cfg

We go to the last line and we will see a dot appear highlighted in black. We place the cursor on it and select it with F3 and the arrow (cursor) key; it will turn green. We press F3 again, and with the cursor keys we go to where it says PASSWORD = and press the F6 key. Now it should read something like:

PASSWORD =.

We save and run main.py

Configuration of the client

In the proxy options of our browser, all we have to do is set the server to localhost and the port to 5865

I hope this has been of some use to you; at least I can now enjoy an Internet connection under Linux at my company.

Sources of the information:

www.tldp.org
www.freshmeat.net

List of links in this article:
1. http://freshmeat.net/projects/ntlmaps/


Best Regards.
Farrukh Ahmed
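
The how-to above leaves the proxy account's password in server.cfg, so here is a check a user or administrator can run on that file, as an added example that is not part of the original post or of the NTLM Authorization Proxy Server project. The key names and values are the ones shown in the post; the finding codes and helper names are made up for this example.

```python
import os
import re
import stat
import tempfile

def audit_cfg(path):
    """Return a sorted list of finding codes for a server.cfg-style file."""
    findings = set()
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.add("readable_beyond_owner")      # fix: chmod 600 server.cfg
    with open(path, "rb") as fh:
        data = fh.read()
    if b"\x00" in data:
        findings.add("nul_byte")                    # left by the dd/mcedit trick
    for raw in data.decode("latin-1").splitlines():
        # The post shows both KEY:value and KEY=value, so accept either.
        m = re.match(r"\s*([A-Z_]+)\s*[:=](.*)", raw)
        if m and m.group(1) == "PASSWORD" and m.group(2).strip(" \t\x00"):
            findings.add("plaintext_password")
    return sorted(findings)

def write_sample(body, mode):
    """Write constructed config text to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".cfg")
    with os.fdopen(fd, "wb") as fh:
        fh.write(body)
    os.chmod(path, mode)
    return path

# Constructed sample using the values shown in the post above.
SAMPLE = (b"LISTEN_PORT:5865\nPARENT_PROXY=10.8.1.3\nPARENT_PROXY_PORT=8080\n"
          b"DOMAIN:PRUEBAS\nUSER:RAUL\nPASSWORD:winkk_sucks\n")
NUL_TRICK = SAMPLE.replace(b"winkk_sucks", b"\x00")

if __name__ == "__main__":
    for body, mode in ((SAMPLE, 0o644), (SAMPLE, 0o600), (NUL_TRICK, 0o600)):
        p = write_sample(body, mode)
        print("%04o" % mode, audit_cfg(p))
        os.remove(p)
```
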
Babarq
Lance Naik
Posts: 28
Joined: Fri Mar 07, 2003 12:30 pm

very informative

Post by Babarq »

I always asked the NW admin to add my entry and allow me... Thanks again
Regards
BQ
newbie
Company Havaldaar Major
Posts: 156
Joined: Thu Aug 08, 2002 4:18 am
Location: lahore

Post by newbie »

Why is an authentication method implemented on desi cable networks?
Why don't they just restrict them by MAC address?

Is there any special benefit they get by doing this?


thanks.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear Newbie,
Salam,

Sir, I think mostly DCN admins used Windows 2000 Advanced Server as their server, and I think they don't have any idea about MAC addresses; that's why they were using the authentication method ;)

Best Regards.
Farrukh Ahmed
zaeemarshad
Lieutenant Colonel
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Location: Islamabad

Re:

Post by zaeemarshad »

LinuxFreaK wrote: Dear Newbie,
Salam,

Sir, I think mostly DCN admins used Windows 2000 Advanced Server as their server, and I think they don't have any idea about MAC addresses; that's why they were using the authentication method ;)

Best Regards.
What I think the authentication problem is, is that the ISA server used by DCNs is asking for authentication that is not supported by Linux, as I read in the ISA Server 2000 book. It doesn't have anything to do with simple authentication. Correct me if I am wrong.

Regards
Zaeem
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear Zaeem Arshad,
Salam,

Sir, I talked with many people who are helping people internationally with M$ ISA Server... You can browse, but the problem DCN users are facing is that they can't connect their MSN, Yahoo and IRC on Linux. I found NTLMAPS and another project at http://freshmeat.net, Kizome's ISA Piercing Tool, which can do the same thing, but I have not tested it :)

Best Regards.
Farrukh Ahmed
s_ahmed_h
Cadet
Posts: 1
Joined: Sat Jan 17, 2004 6:20 pm

Salam

Post by s_ahmed_h »

Yaar, this is not explanatory enough; I mean it's not very helpful. I tried to use GAIM but in vain. I have to connect Gaim and I'm behind MS ISA server.
Please be more specific in this regard.
Thanks & Bye.
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi

Re:

Post by LinuxFreaK »

Dear All PLUCians,
Salam,
s_ahmed_h wrote: Yaar, this is not explanatory enough; I mean it's not very helpful. I tried to use GAIM but in vain. I have to connect Gaim and I'm behind MS ISA server. Please be more specific in this regard.
First make sure that your firewall is disabled.

# service ipchains status
# service iptables status


Second check your route...

# route -n

If you don't see a line there like

0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

then add route...

# route add -net 0.0.0.0 gw 192.168.0.1

Third try to telnet to messenger.hotmail.com 1863 and check the result.

[linux@freak remote]$ telnet messenger.hotmail.com 1863
Trying 207.46.104.20...
Connected to messenger.hotmail.com.
Escape character is '^]'.


Best Regards.
Farrukh Ahmed