Chapter 23 Troubleshooting

Explorer sends saved login data instead of NTLM authentication of the user cur- rently logged in. Should any problems regarding NTLM authentication arise, it is recommended to remove all usernames/passwords for the server where WinRoute is installed from the Password Manager.

Firefox/Netscape/Mozilla/SeaMonkey

The browser displays the login dialog. For security reasons, automatic user authen- tication is not used by default in the browser. This behaviour of the browser can be changed by modification of configuration parameters — see below.

If authentication fails and direct connection is applied, the firewall’s login page is opened automatically (refer to chapter 9.2). The login dialog is displayed if proxy server is used.

Note: If NTLM authentication fails by any reason, details are recorded in the error log (see chapter 20.8).

Firefox/Netscape/Mozilla/SeaMonkey configuration

Configuration can be changed to enable automatic NTLM authentication — leaving out the login dialog. To set this, follow this guidance:

1.Insert about:config in the browser’s address bar. The list of configuration para- meters is displayed.

2.Set corresponding configuration parameter(s) using the following instructions:

For direct connection (proxy server is not set in the browser):

Look up the network.automatic-ntlm-auth.trusted-uris parameter. Use the WinRoute host’s name as a value for this parameter (e.g. server or server.company.com). This name must match the server name set under Con- figuration Advanced Options Web Interface (see chapter 9.1).

Note: It is not possible to use IP address as a value in this parameter!

If WinRoute proxy server is used:

Look up the network.automatic-ntlm-auth.allow-proxies parameter and set its value to true.

Configuration changes are applied right away, i.e. it is not necessary to restart the browser.

368

Page 368
Image 368
Kerio Tech Firewall6 manual Firefox/Netscape/Mozilla/SeaMonkey configuration, 368