With the Symantec Endpoint Protection (SEP) client installed, there is a problem authenticating with a proxy server. The proxy server is using NTLM authentication.
The "TCP resequencing" option is enabled in the SEP firewall policy.
When capturing the network traffic errors such as "TCP Previous segment lost", "TCP Dup ACK" or "TCP Retransmission" may be seen, following the first GET request to the proxy. The HTTP 407 "Proxy Authentication Required" packet is never sent.
The "Stealth Settings" inside the SEP firewall policy provides additional protection against issues such as OS fingerprinting, but can cause compatibility problems with certain 3rd party tools. The stealth settings should only be enabled across the network after compatibility has been verified.
In the Symantec Endpoint Protection Manager (SEPM) console, locate the firewall policy for the group that the client experiencing the issue belongs to.
Edit the firewall policy and disable the "TCP resequencing" option on the "Traffic and Stealth Settings" tab.
Imported Document ID: TECH177149
Subscribing will provide email updates when this Article is updated. Login is required.