Tuesday, August 6, 2013

Getting through our ISA Firewall with CNTLM

Our ISA proxy is a pain, The Microsoft ISA proxy client works for most Windows-aware programs, but not with command-line programs such as the GNU utilities, Git, etc.

A simple solution is CNTLM.  On windows, this runs as a service.  It stores your Windows account info in an encrypted format and you can easily point all your applications to use it either directly, or through an environment variable.

You can download it at http://cntlm.sourceforge.net/  and install the windows version.

Then open a console and navigate to the directory (C:\Program Files (x86)\Cntlm)

Edit the cntlm.ini file and modify the following info:
Username <your username>
Domain <your windows domain>
#Password password
Proxy <yourproxy.com>:<port>

Then run:  cntlm -H

Enter your encrypted NTLMv2 password and enter it into the .ini file.

Add the following to your environment variables: http_proxy=http://localhost:3128

(re)start the cntlm windows service.