Hi there, My stunnel client is on an Active Directory-authenticated XP workstation, which needs to connect via a web proxy that authenticates using NTLM. I populated my login details in protocolUsername and protocolPassword, but the connection just dies when it reaches the proxy server. Looking at the log, I get the following:- 2009.04.01 08:20:39 LOG6[2140:2892]: SSL connected: new session negotiated 2009.04.01 08:20:39 LOG6[2140:2892]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1 2009.04.01 15:34:09 LOG7[2140:2708]: ssh3 accepted FD=356 from 127.0.0.1:1026 2009.04.01 15:34:09 LOG7[2140:2708]: Creating a new thread 2009.04.01 15:34:09 LOG7[2140:2708]: New thread created 2009.04.01 15:34:09 LOG7[2140:3896]: ssh3 started 2009.04.01 15:34:09 LOG7[2140:3896]: FD 356 in non-blocking mode 2009.04.01 15:34:09 LOG7[2140:3896]: TCP_NODELAY option set on local socket 2009.04.01 15:34:09 LOG5[2140:3896]: ssh3 accepted connection from 127.0.0.1:1026 2009.04.01 15:34:09 LOG7[2140:3896]: FD 472 in non-blocking mode 2009.04.01 15:34:09 LOG7[2140:3896]: ssh3 connecting 129.32.20.14:8080 2009.04.01 15:34:09 LOG7[2140:3896]: connect_wait: waiting 10 seconds 2009.04.01 15:34:09 LOG7[2140:3896]: connect_wait: connected 2009.04.01 15:34:09 LOG5[2140:3896]: ssh3 connected remote server from 130.32.82.203:1027 2009.04.01 15:34:09 LOG7[2140:3896]: Remote FD=472 initialized 2009.04.01 15:34:09 LOG7[2140:3896]: TCP_NODELAY option set on remote socket 2009.04.01 15:34:09 LOG5[2140:3896]: Negotiations for connect (client side) started 2009.04.01 15:34:09 LOG7[2140:3896]: -> CONNECT xxxx.ath.cx:443 HTTP/1.1 2009.04.01 15:34:09 LOG7[2140:3896]: -> Host: xxxx.ath.cx:443 2009.04.01 15:34:09 LOG7[2140:3896]: -> Proxy-Connection: keep-alive 2009.04.01 15:34:09 LOG7[2140:3896]: -> Proxy-Authorization: NTLM TlRMTVNTUAABAAAAAgIAAA== 2009.04.01 15:34:09 LOG7[2140:3896]: -> 2009.04.01 15:34:09 LOG3[2140:3896]: Unexpected socket close (fdgetline) 2009.04.01 15:34:09 LOG5[2140:3896]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2009.04.01 15:34:09 LOG7[2140:3896]: ssh3 finished (1 left) If I decode the NTLM auth string, I only get the NTLMSSP header, which seems to be incomplete. If I recall correctly the domain and workstation info should be passed on as well. So question is, how do I get this to work? Is there any specific format that I need to use when using the protocol* settings for NTLM? Thanks and regards.