Guest

Preview Tool

Cisco Bug: CSCvt88710 - webvpn-l7-auth: "NTLMV2" Domain name should be converted to uppercase when entered in lowercase

Last Modified

May 08, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.8(4)

Description (partial)

Symptom:
As per NTLMV2 protocol, the domain name should first be converted into upper case and then the hash should be calculated. The problem is by default whenever users enter the domain name in lower cases, the NTLMv2 authentication fails and it automatically falls back to NTLVv1 which is a security risk for the customer and therefor customer would like to fix this issue. The same setup works fine with smart tunnel but it’s not working without smart tunnel.

Conditions:
Clientless SSL VPN
NTLM authentication
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.