protocol smb2 signing ntlm-bypass enable

Configuration Mode Commands : SteelHead configuration commands : protocol smb2 signing ntlm-bypass enable

Enables the pass through of NTLM connections during SMB2 signing.

Syntax

[no] protocol smb2 signing ntlm-bypass enable

Usage

You must enable SMB2 and join a domain before enabling SMB2 signing. For details on SMB2, see the SteelHead User Guide and protocol cifs smb signing enable.

This command supports customers who need to comply with Security Technical Implementation Guides (STIGs) SRG-NET-000521-ALG-000002 that require that NTLM authenticated traffic be bypassed. STIG compliance is provided on a per-protocol level so you can selectively choose which protocol needs to run in STIG compliance mode.

This command is disabled by default. You configure this command on the server-side SteelHead and it requires a service restart.

The no command option disables NTLM pass through of connections during SMB2 signing.

Example

amnesiac (config) # protocol smb2 signing ntlm-bypass enable

amnesiac (config) # protocol smb2 signing enable

amnesiac (config) # service restart

SteelHead CX, SteelHead-v, SteelHead-c

Related Commands

show protocol cifs smb signing status

Product

SteelHead CX, SteelHead-v, SteelHead-c