Cannot understand Microsoft's Recommendation for Outlook Anywhere - "NTLM authentication over Secure Sockets Layer (SSL)"
Posted on 2010-09-01
here is an Microsoft statement which I don't understand:
"If you are using a firewall that does not handle NTLM, you will have to use Basic authentication over SSL"
Question: Why the firewall needs to handle NTLM? it's just an authentication method, not a netowrk transfer protocal like RPC or SMTP with a tcp port binding to. Shouldn’t Firewall handle SSL be sufficient? SSL encrypted the traffic in SSL tunnel from CAS server end to Outlook client end, shouldn’t it pass through the firewall if the firewall has been told to pass SSL traffic? why has anything to do with NTLM? I am confused, Please help.
thanks in advance,