Configuring the Squid service

Support

Support for business applications

Kaspersky Web Traffic Security 6.x

Appendix 2. Configuring integration of the Squid service with Active Directory

Configuring NTLM authentication

Configuring the Squid service

December 13, 2023

ID 166844

These instructions are applicable if Kaspersky Web Traffic Security was installed from an RPM or DEB package to a ready-to-use operating system. If Kaspersky Web Traffic Security was installed from an ISO file, configuration files for the built-in proxy server cannot be manually changed.

To configure the Squid service:

Add the following strings to the beginning of the /etc/squid/squid.conf file:
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=<NetBIOS name of the Active Directory domain>

auth_param ntlm children 100 startup=0 idle=10

auth_param ntlm keep_alive off

acl authenticated_user proxy_auth REQUIRED

http_access deny !authenticated_user
To enable event logging in debug mode, in the /etc/squid/squid.conf file, add the --diagnostics parameter to the following string:
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=<NetBIOS name of the Active Directory domain>

Debug events will be written to the file /var/log/squid/cache.log.
Restart the Squid service. To do so, execute the command:
service squid restart

Configuration of the Squid service will be complete.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company

Web and device controls. Data encryption. Centralized and convenient management from a single console.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.