Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD SSO - Cannot establish NTLM authentication channel with xxx

Hi,

We use AD SSO and Ketboros and everything is working fine however we are getting this message in the logs 'Cannot establish NTLM authentication channel with xxx' Message ID 17945. What is this and how can we stop it please ?

Many thanks

Ed



This thread was automatically locked due to age.
Parents
  • Hello  ,

    Thank you for reaching out to the community, are you facing this issue after the firmware upgrade ?
    May we know what is the current firmware running on the appliance ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Technical Support, Global Customer Experience

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case  | Security Advisories 
    Compare Sophos next-gen Firewall | Fortune Favors the prepared
    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi,

    We are on the latest which 19.0.1 MR1. I think this has been happening before this. Apil 9th 2021 15:29 was the last time it seemed to not have the errors. Since then, they are constant. At the exact same time this error occurs we get a message stating a collector CTA was added. It appears to be STAS due to the timings.

    messageid="17816" log_type="Event" log_component="Appliance" log_subtype="System" additional_information="" message="Appliance started successfully." 
    messageid="17945" log_type="Event" log_component="AD SSO" log_subtype="Authentication" status="Failed" user="" user_group="" client_used="" auth_mechanism="" reason="" src_ip="x.x.x.x" message="Cannot establish NTLM authentication channel with WETHECURIOUS" name="" src_mac="" 
    messageid="17940" log_type="Event" log_component="CTA" log_subtype="System" additional_information="" message="CTA Suite added/updated  the active collector list to 'x.x.x.x' " 

    Thanks

    Ed

Reply
  • Hi,

    We are on the latest which 19.0.1 MR1. I think this has been happening before this. Apil 9th 2021 15:29 was the last time it seemed to not have the errors. Since then, they are constant. At the exact same time this error occurs we get a message stating a collector CTA was added. It appears to be STAS due to the timings.

    messageid="17816" log_type="Event" log_component="Appliance" log_subtype="System" additional_information="" message="Appliance started successfully." 
    messageid="17945" log_type="Event" log_component="AD SSO" log_subtype="Authentication" status="Failed" user="" user_group="" client_used="" auth_mechanism="" reason="" src_ip="x.x.x.x" message="Cannot establish NTLM authentication channel with WETHECURIOUS" name="" src_mac="" 
    messageid="17940" log_type="Event" log_component="CTA" log_subtype="System" additional_information="" message="CTA Suite added/updated  the active collector list to 'x.x.x.x' " 

    Thanks

    Ed

Children