Configuring Windows Vista and Windows 7 for NTLM compatibility with SWG in Inline mode
Last Updated March 10, 2014
Windows Vista and Windows 7 clients cannot authenticate using NTLM.
Symptoms Windows Vista and Windows 7 clients cannot browse the internet as there is an issue authenticating using NTLM on the Symantec Web Gateway.
Windows Vista and Windows 7 requires a group policy change to use the NTLMv1 protocol instead of NTLMv2. Other versions of Windows can also have this issue if your organization's security policy does not support NTLMv1. If you do not make this change, it can affect authentication for users at your site.
You must perform this procedure on every computer that runs has this issue in your network.
Alternatively, you can use the Active Directory group policy to make this change for all computers.
To configure NTLM compatibility for Windows Vista or Windows 7
1 Click Start > All Programs > Accessories > Run and type secpol.msc in the Open box, and then click OK.
2 Click Local Policies > Security Options > Network Security: LAN Manager authentication level.
3 Click SendLM& NTLM - use NTLMv2 session security if negotiated.
4 Click Apply.
References SWG Implementation Guide
Imported Document ID: TECH132917
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe