Description
When using an NG-5100 appliance as a next proxy for the NG-5400 SSL appliance, and using NTLM authentication on the NG-5100, all SSL traffic fails.
Symptoms
The SSL traffic fails when the NG-5400 is configured as next proxy to the NG-5100. When the NG-5400 routes directly to the internet (and not through NG-5100 as next proxy) the SSL traffic works correctly.
Cause
The NG-5100 tries to authenticate every session which passes through it. However, since the NG-5400 has no credentials to authenticate with which are compliant with NTLM authentication, the session fails and an error message is displayed to the user.
Solution
While using authentication, an NG-5400 SSL appliance, as well as the NG-5100 appliance, MUST have direct access to the Internet.
- This article was previously published as:
- Finjan KB 1268