Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

25.3 Automatic user authentication using NTLM

341

General conditions

The following conditions are applied to this authentication method:

1.

WinRoute Firewall Engine is running as a service or it is running under a user account with

administrator rights to the WinRoute host.

2.

The server (i.e. the WinRoute host) belongs to a corresponding Windows NT or Active

Directory (Windows 2000/2003/2008) domain.

3.

Client host belongs to the domain.

4.

User at the client host is required to authenticate to this domain (i.e. local user accounts

cannot be used for this purpose).

5.

The NT domain or the Active Directory authentication method (see chapter

15.1

) must be

set for the corresponding user account under WinRoute. NTLM cannot be used for users

authenticated only internally inside WinRoute.

WinRoute Configuration

NTLM authentication of users from web browsers must be enabled in Users → Authentica-
tion Options. User authentication should be required when attempting to access web pages,

otherwise enabling NTLM authentication is meaningless.

Figure 25.1

NTLM — user authentication options