Firstly, Ensure that you are running with Proxy Server Version 4.0.13 or higher
(if available). A bug was noted in earlier releases which limited the functionality
of operation of the proxy server within an NTLM authentication scheme.

The bug id is: 6897536

The bug says that the proxy should present the following in the request header:

A proxy that correctly honors client to server
authentication integrity will supply the "Proxy-support: Session-
Based-Authentication" HTTP header to the client in HTTP responses
from the proxy.


Additionally, in order to configure the proxy to work with NTLM authentication,
it will ALSO be necessary to ensure the following configurations are set:

- This feature is disabled by default, and needs to be enabled using
the "PairedConnections" boolean flag in magnus.conf. Set this to TRUE

- The proxy will issue a "Proxy-support: ..." header only if the server's response headers contain a "WWW-Authenticate: NTLM" header.


More...