We have setup our S160 to use NTLM authentication and allow NTLM Basic. This works great for normal workstations and laptops, but our physicians have their own personal smartphones that we have allowed them to use in the past. The problem is that with the exception of Windows Mobile, the smartphone OSs don't seem to handle proxy authentication for transparent proxies very well. After determining that we figured we would just create an access policy for these devices that would allow Guest access for failed authentications but it doesn't seem to fall through to that policy on the smartphones. Anyone have experience with getting the smartphones to play nicely?
If there are proxy settings from the smartphone, try using those instead of transparent redirectiion. You can also try to create no auth identity based on subnets or user-agents as well.
Would be a good case for a trouble ticket with support team.
I went to support originally with this and they did suggest the implicit proxy. It worked with the iPhone, but only for Safari, none of the other applications would work (not Cisco's fault, but still a no go). Perhaps in the 7.x train of AsyncOS they will add a forms based authentication to make this easier.