I have the NAV 2013r2 Update 19 Web Client up and running with NAVUserPassword authentication.
I can log in with a non-domain user id and password in a browser on a machine in the domain using the machinename:8080/NAV/WebClient/Signin.aspx link.
We have NAT entries in the firewall to allow ports 8080 and 49000 and have pointed them at the service tier machine which is also running IIS.
I have the service tier configured correctly with a self-signed certificate thumbprint and certificates loaded locally.
I have the web.config file edited as outlined by Saurav Dhyani in his blogpost.
When I try the external address ipaddress:8080/NAV/WebClient/Signin.aspx I enter the same user id and password and I get a 401 Unauthorized access.
In the event log on the service tier I get the event logged as shown below.
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 9/10/2015 2:55:28 PM
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: MDW-NAV01.LVI.local
Description:
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Permtest1
Account Domain:
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC0000064
Process Information:
Caller Process ID: 0x0
Caller Process Name: -
Network Information:
Workstation Name: MYWORKSTATION
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
When I follow this ...
https://msdn.microsoft.com/en-us/librar ... 8(v=nav.71).aspx#WebClient - I get 500 - Internal server error and inside/outside are both broken.
Any ideas?
](*,)
Comments
Check that the setup for the spn's include both the internal ip and the name used when accessing the service from the outside.