NTLM authentication passthrough on LTM without APM

We have a virtual server configured with and without OneConnect/NTLM using SNAT. Connecting directly to the server, the tcpdump shows 401 Authorization Required and separate NTLMSSP_Challenge packets. Connecting to the virtual server, the 401 challenge is not received by the client, a 4.5-5 second delay occurs and then the data is rendered. Subsequent refresh during the same session works fast.

Is this due to SNAT? Is there a way to support NTLM negotiation through LTM without APM? We are in an environment where nobody has SME for APM.