The browser displays the authentication pop-up but credentials are not accepted from the client machine.
Authentication NTLM 407 test might be successfull from the Symantec Web Gateway (SWG) Interface when in Proxy mode.
To enable NetBIOS Over TCPIP from the Network Interface Card Properties on the Domain Controller.
Ensure compatibility with NTLMv1 and NTLMv2
SWG Inline mode only supports NTLMv1. Some configuration changes might be required on some Operating Systems.
If you do not make the necessary changes, you may encounter the following issues:
Windows 7 and Vista and Inline mode
Windows Vista and Windows 7 require a group policy change to use the NTLMv1 protocol instead of NTLMv2.
Other versions of Windows can also have this issue if your organization's security policy does not support NTLMv1. If you do not make this change, it can affect authentication for users at your site.
You must perform this procedure on every computer that runs Windows Vista and Windows 7 in your network. You can use the Active Directory group policy to make this change for all computers.
To configure NTLM compatibility for Windows Vista and Windows 7
Windows XP SP3 and Proxy mode
Configuring NTLMv2 compatibility for Windows XP allows your Windows clients to only use NTLMv2 authentication and refuse other security.
If you change to this high level of security, it is not easy to connect to other Windows computers without equivalent security settings.
To configure NTLMv2 compatibility for Windows XP
Windows XP SP2 and Outlook 2003
Check the following technote: Configuring NTLM compatibility for Outlook 2003 and Windows XP SP2
MacOS and Unix/Linux
Refer to your operating system documentation for information about NTLM integration.
Symantec Web Gateway (SWG) has been deployed in one of the following operating modes:
The Authentication has the option Use LDAP to identify end user enabled and enable NTLM authentication is enabled.
NTLM tests are successful.
Authentication policies have been created and sucessfully tested.