Cannot authenticate by using NTLM

When you attempt to access a Reverse Proxy instance, you receive the following error messages:

DPWWA2403E Your browser supplied NTLM authentication data.
NTLM is not supported by WebSEAL. Ensure that your browser
is configured to use Integrated Windows Authentication. 

Reverse Proxy does not support NT LAN Manager (NTLM) authentication. Some browsers support NTLM authentication only or are configured to send NTLM authentication tokens instead of SPNEGO tokens. A browser that supports SPNEGO might be sending NTLM tokens for the following reasons:

• Microsoft Internet Explorer is not configured with the Reverse Proxy server in the Trusted sites or Local intranet zone.
• Microsoft Internet Explorer is not configured for Integrated Windows Authentication.
• The client workstation and the Reverse Proxy server might be a member of different Active Directory domains (Kerberos realms).
• The client workstation is not logged in to the Active Directory domain.
• The client workstation is not specifying the correct host name to access the Reverse Proxy server. The value that is specified for the –princ option of the ktpass command must be the same host name that client uses to contact the Reverse Proxy instance.
  For example, for clients to contact the Reverse Proxy instance at https://diamond.subnet2.ibm.com and the Reverse Proxy instance is in the IBM.COM Kerberos realm, specify the following value for the –princ option:

  HTTP/diamond.subnet2.ibm.com@IBM.COM