Tutorial - How To Use Dropbox Behind A Corporate Proxy Server Using CNTLM - I Code and Code

21-11-13
Tutorial: How to use Dropbox behind a corporate proxy server using CNTLM | I code and code
20th February 2012 Tutorial: How to use Dropbox behin d a corporate proxy server using C NTLM
So you want to use dropbox behind a corporate proxy/firewall. You've probably faile d due to connection issues, caused by the advanced authentication method your co rporate proxy requires. In this guide we will create a local authentication proxy using CNTLM, and pass all d ropbox traffic through it instead of your normal proxy. This isn't just a dropbox proxy, in fact it has very little to do with dropbox. It's a perfe ct solution for any app that needs an authentication proxy (meaning it can't authenti cate through your normal proxy).
[http://2.bp.blogspot.com/-mN59TN0lhcE/T0EpepiJItI/AAAAAAAAAVo/iKYXBgMsuVM/s1 600/dropbox1.png]
Does this look familiar? Then this guide is for you.
Don't worry, it's easier than it sounds.
Step 1: Install CNTLM

Get it from the CNTLM homepage [http://cntlm.sourceforge.net/] . Installation is as sim ple as running the installer. There are no complicated configurations.
www.icodeandcode.com/2012/02/tutorial-how-to-use-dropbox-behind.html
1/12
21-11-13
Step 2: Configure CNTLM

Open up cntlm.ini in a text editor. Notepad will do just fine. You'll need to edit the foll owing sections:
U s e r n a m e[ Y o u ru s e r n a m e .I t ' st h eo n ey o uu s et ol o go nt oy o u rc o m p u t e ra tw o r k ] D o m a i n[ Y o u rd o m a i n .I fy o ud o n ' tk n o wi tl o o ki nC o n t r o lP a n e l> S y s t e ma n dS e c u r i t y > S y s t e mC o n f i g u r a t i o n ] P a s s w o r d[ Y o u rp a s s w o r d ] P r o x y [ Y o u rc o r p o r a t ep r o x ya d d r e s s .F i n dt h i so u tf r o my o u rb r o w s e rs e t t i n g so raf e
l l o ww o r k e ro re v e na nI Tp e r s o n .Y o uc a ne n t e rm o r et h a no n ei fy o u rc o m p a n ye m p l o y sa f e wp r o x i e s ]
L i s t e n [ P o r tn u m b e r .D e f a u l ti s3 1 2 8a n dt h e r ei sn or e a s o nt oc h a n g ei tu n l e s sy o uh a p p e nt oh a v ea n o t h e rs e r v e rl i s t e n i n go nt h a tp o r t . ]
If you're worried about leaving your password as plain text in the config file, you pro bably should. You can store an encrypted password instead [http://icodeandcode.blog spot.com/2012/10/advanced-cntlm-secure-configuration.html] .
HANNOVER MESSE 2014

www.hannovermesse.de/Start_Me_Up Here is your chance for a trade fair stand at HANNOVER MESSE 2014.
Step 3: Determine the authentication method your corporate proxy uses

Open up a command line window (just run cmd) and run c n t l mMh t t p : / / g o o g l e . c o m (The capital M is important!) This will run CNTLM in diagnostic mode and test the connection against google.com , then provide us the information we need to continue. Your output should look simil ar to this:
C o n f i gp r o f i l e 1 / 4 . . .O K( H T T Pc o d e :3 0 1 ) [P r o f i l e 0 ] A u t h N T L M v 2 P a s s N T L M v 2 [ ap a s sp h r a s e ] -
What we need to note is the authentication method. In this case, it's NTLMv2.
Step 4: Final CNTLM Configuration

Open up cntlm.ini in a text editor again. You'll need to edit the Auth section:
www.icodeandcode.com/2012/02/tutorial-how-to-use-dropbox-behind.html 2/12
21-11-13
A u t h[ T h ea u t h e n t i c a t i o nm e t h o dw ee s t a b l i s h e di ns t e p2 .I nt h i se x a m p l ei t ' sN T L M v 2 ]
S tep 4: Configure Dropbox
[http://1.bp.blogs pot.com/-lZiq7gHjPQA/T0EphxL5-eI/AAAAAAAAAVw/W-84pg0B19g/s1600/dropbox2.png]
Make sure the port number is the same is the Listen paramter you configured in cntlm.ini in step 3
All done! Let me know in the comments if you have any questions.
FAQ
I can't install CNT LM, what do I do? Maybe because you're getting this error: "You must be logged in as an administrato r when installing this program", maybe because you don't want to install stuff on so meone else's computer. You can download the portable version of CNTLM [http://ico deandcode.blogspot.com/2012/10/tutorial-cntlm-portable.html] . It requires no installation. You'll just have to run it manually to get it started. Then continue normally. CNT LM says I don't need another proxy but I still can't connect to drop
21-11-13
box Make sure to go over the dropbox connection checklist [https://www.dropbox.com/help /23/en] :
Allow "Dropbox" (or "Dropbox.exe" in Windows) access to ports 80 (HTTP) and 443 (HTTPS) The LAN Sync feature [https://www.dropbox.com/help/137] requires access t o port 17500 (recommended) Add Dropbox to your firewall's list of approved websites (whitelist), or make sure it's not on its blacklist You may need to allow "*.dropbox.com" to access the internet I don't want to just leave my password in the config file! Have a look at the advanced tutorial [http://icodeandcode.blogspot.com/2012/10/advanc
ed-cntlm-secure-configuration.html] .
NEW
Error: 'cntlm' is not recognized as an internal or external command
, operable program or batch file. You're not running cntlm from its installation directory, which is probably C:\Program Files (x86)\Cntlm. In the cmd window, type cd C:\Program Files (x86)\Cntlm and p roceed normally. Posted 20th February 2012 by Eran Goldin Labels: bypass, CNTLM, corporate firewall, corporate proxy, Dropbox, guide, how-to , tutorial
53
View comments
dvirus February 21, 2012 at 5:27 PM nice, CNTLM might be useful for other stuff to. Reply
Eran Goldin February 21, 2012 at 8:47 PM Yeah, it's useful for a lot of things that can't deal with your proxy at work. :) Reply
ptupper May 1, 2012 at 8:39 PM What about a corp network that doesn't appear to use a proxy server but in IE > > Connections >> LAN settings uses a proxy script? Because I need a passwor d to run cntlm -M http://google.com. Reply Replies attached May 30, 2012 at 1:17 PM
21-11-13
No need for test, just continue with further steps..it worked for me, I a m behind MS TMG with proxy script! Reply
attached May 30, 2012 at 1:18 PM and many thanks to author on this great tutorial Reply Replies Eran Goldin June 7, 2012 at 3:21 AM You're welcome buddy! :D Reply
Anonymous May 31, 2012 at 5:13 PM It works! Thank you for posting. Reply Replies Eran Goldin June 7, 2012 at 3:21 AM :D Reply
Anonymous July 19, 2012 at 2:31 PM Not sure whats going but when I try the step 3)cntlm -M http://google.com I get asked for my password and then the following: ========================================================= Password: Config profile 1/4... Auth not required (HTTP code: 301) Config profile 2/4... Auth not required (HTTP code: 301) Config profile 3/4... Auth not required (HTTP code: 301) Config profile 4/4... Auth not required (HTTP code: 301) Your proxy is open, you don't need another proxy. ========================================================= I definitely have a proxy as I cannot get to dropbox :( Reply Replies Eran Goldin July 26, 2012 at 2:19 AM That simply means that your proxy does not require any authenticati on. CNTLM is an authentication proxy and is therefore not needed. The fact that you can't connect to dropbox tells us there is somethin g else in the way. Perhaps dropbox is blocked in your corporate prox y.
21-11-13
I assume you have already tried entering the details of your work pro xy server and port in dropbox?
Anonymous September 19, 2012 at 12:36 PM Have indeed, must be a corporate proxy :(
Eran Goldin October 8, 2012 at 10:24 AM Have a look at the checklist in the FAQ. If you have any control over t hese issues, that is.
Anonymous October 9, 2012 at 4:23 PM I don't, BUT Google drive is working ;) Will use that instead :)
Anonymous July 2, 2013 at 4:37 PM Same here, Google Drive it is :P Reply
Anonymous August 3, 2012 at 2:13 PM Hi can not get the auth through the command line.... Reply Replies Eran Goldin August 4, 2012 at 2:03 PM Please be more specific :) Reply
Anonymous August 6, 2012 at 9:32 AM Thank you, so in the the third step when I run the certain command, I get something like "... the command is in not an internal or external valid command" (translation from g reek) and secondly in the workstation part I changed the "netbios_hostname" to my p c's actual name-correct? I don't know... FInally, when I start the session it seems that...it starts...however when I configu re dropbox I get connction error.... Thanks again! Reply Replies Eran Goldin September 21, 2012 at 7:28 PM Note that you have to run that command from command line when yo u are IN THE CNTLM INSTALL DIRECTORY.
6/12
21-11-13
Also, there's no need to change anything in the preferences beyond what this tutorial suggests. Besides, the netbios portion you've menti oned is COMMENTED OUT and means nothing unless UNCOMMEN TED. Naturally if it is misoconfigured, dropbox will not succeed in connecti ng. Let me know if you need more help! :) Reply
Anonymous September 19, 2012 at 6:59 PM How does it work if the company only uses an adress to a proxy script? Then i h ave no proxy adress and no port! Reply Replies Anonymous January 3, 2013 at 12:25 PM Does anybody have a solution for Proxy-Auto-Config Scripts??
Eran Goldin January 7, 2013 at 2:27 PM It's still possible to sniff out your proxy server using various http debu g tools. Reply
Anonymous October 2, 2012 at 3:59 AM Too bad. I can't even install CNTLM thanks to "You must be logged in as an ad ministrator when installing this program". (Win XP). Sigh. Reply Replies Eran Goldin October 3, 2012 at 9:58 AM I will add that to the tutorial very soon. :) Reply
Anonymous October 10, 2012 at 8:31 PM It worked!! Thank you very much! Reply
Agus December 18, 2012 at 5:42 PM I followed your tutorial. Now I can synchronize my Google Drive folder behind pro xy. Thank you very much. I have to skip step 3. I got respond something like "cntlm command is not recog nized". But it worked.
21-11-13
Reply Replies Eran Goldin January 2, 2013 at 5:18 PM That's great! Happy to hear. Luckily your proxy uses the same authentication method as mine. In case others get the same error, I've added that to the FAQ. Reply
Anonymous January 3, 2013 at 12:26 PM Does anybody have a solution for Proxy-Auto-Config Scripts?? Reply Replies Eran Goldin January 7, 2013 at 2:25 PM You could try and locating the proxy server address and proceed as usual. Reply
Anonymous January 10, 2013 at 5:34 PM Config profile 1/11... Connection closed Config profile 2/11... Connection closed Config profile 3/11... Connection closed Config profile 4/11... Connection closed Config profile 5/11... Connection closed Config profile 6/11... Connection closed Config profile 7/11... Connection closed Config profile 8/11... Connection closed Config profile 9/11... Connection closed Config profile 10/11... Connection closed Config profile 11/11... Connection closed You have used wrong credentials, bad URL or your proxy is quite insane, in which case try submitting a Support Request. This is the output i am getting when I am trying to test. Help me please.. Reply Replies Eran Goldin September 11, 2013 at 6:21 PM Have you configured cntlm.ini properly? Are you using encrypted or p laintext credentials? Reply
Luigi Palumbo February 12, 2013 at 5:15 PM No work :( and in my browser I cant see https://www.dropbox.com site blocked
21-11-13
by policy :( any idea? thank's a lot Reply Replies Eran Goldin September 11, 2013 at 6:24 PM Your corporate proxy is blocking the dropbox server. You can't use y our corporate network to connect to dropbox as they are intentionally preventing from doing that. You can try and bypass your corporate proxy by using a different pub lic proxy; this will result in failing to access your corporate intranet u nless you can configure multiple proxy servers. However, I recommend against it, as this would probably be frowned upon by your organization. Reply
Saad Nassar March 7, 2013 at 5:25 PM Hello, when I get to step 3 I get something about a POSIX paths. I cant get past this. Help please. Reply Replies Eran Goldin September 11, 2013 at 6:26 PM This is not an error, just a warning. Reply
Felix March 14, 2013 at 3:34 PM Great, now i can continue using dropbox. Thanks!!! Reply
Unknown April 7, 2013 at 12:09 AM Has someone tried this where dropbox, googledrive are blocked by firewall? The also do a certificate spoof so they can view https traffic Reply
Anonymous April 9, 2013 at 2:14 PM Thanks.. It works.. specially step 4 helped me a lot to configure cntlm. Reply
David Warner April 23, 2013 at 1:05 PM I have a great way to access incorporate sector in very easy way . Just a one cli ck and you can access dropbox no need to install any software and long proxy
21-11-13
patterns. I hope everybody will use this simple way. Access Dropbox from school Reply
Devang Patel June 18, 2013 at 2:49 PM Thanks a lot This work like a charm i ' ve been in search for solution long time Reply Replies Eran Goldin September 11, 2013 at 6:27 PM Happy to help! :) Reply
Anonymous June 21, 2013 at 8:17 PM Hi, it is not working with me. I can enter in the www.dropbox.com site. But when I try to connect with he dropbox app, it did not work. I need to use the 'PassNTLMv2 xxxxxxx' that the cntlm -M command show?! Reply Replies Eran Goldin September 11, 2013 at 6:28 PM No. If you follow the instructions exactly it should work. Reply
Nemesis June 30, 2013 at 2:31 PM in the command line after providing password it's showing Config profile 1/4... Connection to proxy failed, bailing out Could you please help me what should I do? Thanks //Sajib Reply Replies Eran Goldin September 11, 2013 at 6:28 PM Either your credentials are wrong, or your proxy address/port are wro ng. Reply
Abhishek Mishra July 17, 2013 at 5:34 AM Hi Eran, many thanks for that post, it was a revelation :)... the concept is workin
21-11-13
g for me ( testing for google etc if OK ) but somehow it is not handled by DropBo x... the username sent to the corporate proxy by cntlm is \None instead of the o ne configured against "Username" variable in the .ini file and hence "Access is D enied". Should I check for typo or formatting somewhere? Reply
Abhishek Mishra July 17, 2013 at 6:43 AM Correction, this should be the username sent by Dropbox itself as the command line tests for cntlm are successful, but there is not much options in DropBox, sti ll not able to make this work... Reply Replies Eran Goldin September 11, 2013 at 6:30 PM I believe your proxy connection should cause dropbox to prompt for a username and password. Did you manage? Reply
Anonymous July 26, 2013 at 5:02 PM What if the company is blocking the application (i.e., Dropbox.exe). The suggestion to "Allow "Dropbox" (or "Dropbox.exe" in Windows) access to p orts 80 (HTTP) and 443 (HTTP)" assumes you're able to modify the firewall and p ort settings. But aren't these usually controlled from a central location and push ed to all corporate PCs on the network? For example, in the firewall program on my corporate PC I see no option to edit or customize the firewall rules related to specific applications and ports. Thank you for any suggestions. Reply Replies Eran Goldin September 11, 2013 at 6:31 PM If your organization actively blocks dropbox, there's nothing you can do that a normal user would do. Reply
Storm Rider September 13, 2013 at 7:11 PM when I run cntlm -M http://google.com It ask me for a password ?? Help plz Reply
11/12
21-11-13
Enter your comment...
Comment as:
Google Account
Publish
Preview
Load more
Proxy Server
www.gfi.nl Bewaak en beheer uw netwerk in real-time. Download trial versie!
12/12

Tutorial - How To Use Dropbox Behind A Corporate Proxy Server Using CNTLM - I Code and Code

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Tutorial - How To Use Dropbox Behind A Corporate Proxy Server Using CNTLM - I Code and Code

Încărcat de

Drepturi de autor:

Formate disponibile

21-11-13

Don't worry, it's easier than it sounds.

Step 1: Install CNTLM

Step 2: Configure CNTLM

HANNOVER MESSE 2014

Step 3: Determine the authentication method your corporate proxy uses

Step 4: Final CNTLM Configuration

S tep 4: Configure Dropbox

Error: 'cntlm' is not recognized as an internal or external command

Anonymous July 2, 2013 at 4:37 PM Same here, Google Drive it is :P Reply

Enter your comment...

S-ar putea să vă placă și