Structure

A list of domains is created and maintained.
When a domain is added to the list, the authentication method is specified: IWA, Legacy NTLM, or LDAP. RADIUS is not supported.

Only domains on the domain list can be specified in authentication rules.

The domain list is created and maintained on the Configure > Security > Access Control > Domains tab. The domain list is stored in the auth_domains.config file.
Authentication rules identify users (clients) by IP address, inbound proxy port (explicit proxy only), and/or User-Agent values, and attempt to authenticate the user against a specified domain or list of domains.
Authentication rules are defined on the Configure > Security > Access Control > Authentication Rules tab. Rules are stored in the auth_rules.config file.

Note:
Credential caching configuration is performed on the Configure > Security > Access Control > Global Configuration Options tab. On that page you specify IP address caching, cookie caching, or both. The setting applies to both transparent proxy and explicit proxy traffic. When both IP address caching and cookie caching are specified, the IP addresses that cookie caching is applied to must be specified.

See Credential Caching for more information.