Kerio Tech Firewall6 Network Router User Manual


 
Chapter 23 Troubleshooting
368
Explorer sends saved login data instead of NTLM authentication of the user cur-
rently logged in. Should any problems regarding NTLM authentication arise, it is
recommended to remove all usernames/passwords for the server where WinRoute
is installed from the Password Manager.
Firefox/Netscape/Mozilla/SeaMonkey
The browser displays the login dialog. For security reasons, automatic user authen-
tication is not used by default in the browser. This behaviour of the browser can be
changed by modification of configuration parameters see below.
If authentication fails and direct connection is applied, the firewall’s login page is
opened automatically (refer to chapter 9.2). The login dialog is displayed if proxy
server is used.
Note: If NTLM authentication fails by any reason, details are recorded in the error log
(see chapter
20.8).
Firefox/Netscape/Mozilla/SeaMonkey configuration
Configuration can be changed to enable automatic NTLM authentication leaving out
the login dialog. To set this, follow this guidance:
1. Insert about:config in the browser’s address bar. The list of configuration para-
meters is displayed.
2. Set corresponding configuration parameter(s) using the following instructions:
For direct connection (proxy server is not set in the browser):
Look up the network.automatic-ntlm-auth.trusted-uris parameter. Use
the WinRoute host’s name as a value for this parameter (e.g. server or
server.company.com). This name must match the server name set under Con-
figuration Advanced Options Web Interface (see chapter 9.1).
Note: It is not possible to use IP address as a value in this parameter!
If WinRoute proxy server is used:
Look up the network.automatic-ntlm-auth.allow-proxies parameter and
set its value to true.
Configuration changes are applied right away, i.e. it is not necessary to restart the
browser.