NTLM security credentials warning over VPN

Showing results for 
Search instead for 
Did you mean: 

NTLM security credentials warning over VPN

Not applicable


We have a couple of Linux Samba servers that can only talk NTLM 0.12 dialect(this is from packet captures).

If I am connecting to a Linux Samba share from the internal LAN my Win 7 client(that supports up to SMB 2.0) negotiates down to NTLM 0.12 and connects using cached credentials.

If I am connecting to a Linux Samba share from client VPN, then Win 7  asks for credentials and presents a warning message:

"The systems detected a possible attempt to compromise security. Please make sure you can contact the server that authenticated you"

After supplying credentials it can access the share fine.

Packet captures in both cases look exactly the same.

If I am accessing a fileshare that supports SMB 2.0 dialect there are no prompts for password when accessing over LAN or VPN.

Why does it present a credentials form when connected over VPN but not over LAN? Has anybody seen this too?

I dont think this is a VPN issue, but maybe people here have seen this before.

Thank you in advance,


L4 Transporter

Please make sure that WINS servers are correctly configured for your SAMBA servers. The SMB protocol uses broadcasts which don't traverse through forwarded interfaces unless they are properly bridged, so you need to make sure the windows clients have the correct WINS info.  Also, I recommend verifying DNS settings on the client, and that valid entries exist for the SAMBA servers if they are being accessed by name.

Thank you for your reply ggarison,

We went through the troubleshooting exercises, like you described, have not found any faults.

I think the most puzzling is that packet captures in both cases over VPN and over LAN are the same.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!