Is there a step by step document avialable for setting up the NTLM authentication and IOS via x509 on the same MWG?
From what I've read the "normal users" using either WCCP or 9090 via a proxy.pac autoconfig can use NTLM while IOS user using 9091(?) via a different proxy.pac autoconfig can use x509 with a limitation of having to browse somewhere via Safari to initiate the authentication for some non-x509 capable apps.
This is something I've been meaning to build on, see a similar post here:
So if I am reading your setup, you have WCCP going over 9090, and poxy users over 9091?
You want both types of users to use NTLM authentication, and if they fail, it will fall back to x509 time based auth?
We have WCCP clients but they are currently still using a WW 6.9.2. We have NTLM authenticated clients using 9090 via a proxy.pac file. We have IOS devices also using 9090 via a proxy.pac file and they are having to reauthenticate after their cached IP clears. We wanted to test using x509 for those clients to authenticate with. I understood that you could setup a different proxy.pac for them and set authentication on that port to x509. I was looking for some guidance on setting that up.