ISA Proxy configuration for Ubuntu

Symtom: To configure ISA proxy in Ubuntu where ubuntu accepts windows authentication

Solution: There are two tools are available for authenticating ISA server.



Installation procedure:

Download url for NTLMAPS ubuntu oneiric:

Step 1:  dpkg –install <package name>

Step 2: Configure the program:

Listen port: 5865
Parent Proxy:
(e.g. enter the name or address of your proxy,
do not enter the port as “”
as this will be taken care of in the next step)
Parent Proxy Port: port_number (usually 8080)
NT Windows Domain: domain_name (your domain)
NT Windows Username: user_name (the user name you will authenticate with)
NT Windows Password: password
(the password you will use to authenticate with the
ISA Proxy)

Step 3: Check the service ntlmap available /etc/init.d/ntlmaps

Step 4:  If it installed properly you should be able to see it with these commands :- ps aux | grep ntl

Step 5: To reconfigure the program $sudo dpkg-reconfigure ntlmaps

Step 6:  Create a file /etc/apt/apt.conf.d/proxy and input the following line:


Step 7:  Reconfigure System->Preferences->”Network Proxy” to point to localhost:5865 with _no_ authentication. Also reconfigure your GUI Package managers similarly.

Step 8: restart the system and check

Also check in the export environment.

Check if the proxy setting have been updated properly.

$ export | grep proxy

You should see something exactly like this:

$declare -x ftp_proxy=”
$declare -x http_proxy=”
$declare -x https_proxy=”

also check your etc/apt/apt.conf file to see if the proxyies have been changed to

Now test to see if wget works from a command line


It should display that it is checking, and download the correct file.
If it fails then something is wrong with NTLMaps setup.

Your Synaptic Package manager should be working correclty now as well.

Ref url :

Installation procedure for CNTLM

Step 1: download the application from the url

Step 2: dpkg -i <package name>

Step 3:  Edit /etc/cntlm.conf file to have following information.

Username username
Domain domainname
Password password
Proxy **proxy server IP**:8080
Listen 3128

Step4: Set my username ,domain, password

$cntlm -I -M

It asked password.I entered my password.The following lines appeared:

Config profile 1/4… OK (HTTP code: 302)

—————————-[ Profile 0 ]——

Auth NTLMv2 PassNTLMv2 90BA1F766F17FF732ACB9B48BC65E93E

Step 5: Check the service cntlm by /etc/init.d/cntlm status

Step 6:  Create a file /etc/apt/apt.conf.d/proxy and input the following line


Step 7: Restart the system and check.

Ref url :

Update :

Error scenario: I configured cntlm in Ubuntu for the connectivity to ISA proxy server.

My network administrator restarted the ISA proxy server, after that I can able to browse and unable to do sudo apt-get.

I am getting an error message “

  1. 502 Parent proxy unreachable
  2. Connection to proxy failed, bailing out when I do cntlm –M


Root cause: My Ubuntu machine unable to contact Proxy server, since it is in different segment.

502 Bad Gateway – The server was acting as a gateway or proxy and received an invalid response from the upstream server

Solution: please do route add to enable access to the proxy server network segment.

Eg. $ sudo route add –net netmask etho  (or)

$ sudo route add –net netmask gw

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: