I'm using squid 2.6 CVS HEAD plus http11 patch. Problem is, this seems to have broken NTLM passthrough. Connection goes like... CLIENT -> SQUID: GET / HTTP/1.1 SQUID -> CLIENT: HTTP/1.1 401, WWW-Authenticate: NTLM CLIENT -> SQUID: GET / HTTP/1.1 NTLMSSP_NEGOTIATE SQUID-> CLIENT: HTTP/1.1 401, NTLMSSP_CHALLENGE, Connection:close The problem is the 'Connection: close' bit, which breaks the NTLM handshake. Normally this is handled by: persistent_connection_after_error on But this does not seem to have any impact with my current setup. Anyone have experience with this? Thanks, Scott