When enabling a proxy with authentication (IWA, NTLM), using Firefox still prompts for user credentials to the WCG.
By default, Firefox does not automatically send an NTLM response when users are being authenticated.
In the Firefox address bar, type the following:
Search for the following setting:
Edit the string value (Kerberos) to include the IP(s) (including any VIP address), host, and fully qualified domain name of the Content Gateway. You may even want to add the active directory FQDN.
NOTE: Due to the nature of how transparent proxy works, NTLM authentication will look like it is coming from the destination site even though it is really Websense Content Gateway that is making the request. If you are using a transparent proxy implementation, you will want to change the string value to:
@echo off echo ================================== echo Enabling Firefox Proxy Auth echo ================================== cd /D "%APPDATA%\Mozilla\Firefox\Profiles\*.default*" echo user_pref("network.automatic-ntlm-auth.trusted-uris", "http://,https://,ftp://");>>prefs.js echo. echo Done! pause