[squid-users] Using cache_peer for transparent NTLM authentication

Amos Jeffries squid3 at treenet.co.nz
Wed Dec 16 11:58:50 UTC 2015

On 16/12/2015 11:12 p.m., Antonio Petrelli wrote:
> Hello
> sorry if this question has been asked, and answered, already, I dug the
> mailing list archive but it is still not clear to me.
> Is it possible to use a cache_peer that supports NTLM authentication in a
> "transparent" way, so that the user of the Squid proxy does not need to
> enter any authentication and Squid does all the authentication by itself?

No that is not supported. And we have no intention of adding it, NTLM
has been deprected for nearly 10 years.

Squid supports performing Negotiate/Kerberos authentication to
cache_peer instead.

> Notice that, until now, I am using CNTLM to do this, however CNTLM has
> severe problems under Windows 8.

Notice that NTLM has increasingly severe problems under any Windows XP
SP3 or later system.


More information about the squid-users mailing list