I'm having this problem described in a M$ TID as follows:

When Basic or Microsoft Windows NT Server Challenge Response
authentications are enabled on the WWW service, and Access Control is
selected (enabled) on the Web Proxy service, a reverse proxy to an
internal web server will fail.

The Proxy Server tries to validate the Internet user and sends back the
Proxy Authentication header that the browser is not designed to recognize.
Therefore, the user will be prompted for username and password three
times, then access will be denied, regardless of what username the user


I am using BorderManager 3.8. Is this a problem with BorderManager
reverse proxy also..? I'm trying to access a IIS web site with
authentication via BM Reverse Proxy.