SMB signing Credential User name and password does not get populated

Solution

Overview

 SMB Signing is a Microsoft-devised security mechanism that attempts to prevent man-in-the-middle atacks.

This feature available under the CIFS Proxy, when enabled the signatures are added to the packet header while the user uses the CIFS proxy.

It is noticed that the User name and password entered post enabling the SMB credential in Proxy SG version 6.2.x does not get populated.

Below are the test cases. 

TEST CASE 1:
Configured a standalone 5.5  version with the SMB signing credential which was replicated in the show config as shown below. 

!- END access_logging
!- BEGIN proxies
cifs ;mode
optimize traffic enable
username test
encrypted-password
"RZEyrz73zwboHSKmXRuRHIbX602l/ussfwZn4SltfjZdcFAN9X2in6P7QilglfcHilf6BMBCOqY5HslE7fXLuDRm5/NsOId84/thBt+iJwajrzkMuXU1eoANVG56Wa7GqDc50weMWy7kjaq4PMciIxfvrl1eMT6X2347VHj67Dw="
domain btc
exit

TEST CASE 2:
Configured a standalone 6.2 version with the SMB signing credential, this was not replicated in the show config

END application_delivery_network
!- BEGIN proxies
cifs ;mode
remote-storage-optimization enable
exit
mapi ;mode
keep-alive max-sessions 100
exit

Because of this behavior, customers using the  Director trying to import configuration to version 6.2 was not able to see the SMB signing which seems to
be missing.

 

NOTE: This issue has been reported to Bluecoat Engineering.  If you see this issue, please log a Service Request, and quote this article

 

 

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1652
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat