I spent quite a few hours trying to get squid 2.4 stable 7 to do ident lookups. First off, though docs for 2.4 on the web site have been known to be wrong since 2002, they have not been changed and still indicate that you should set ident_lookup to on..... I did find a note where Henrik pointed out that this was not current in 2002 and indicated that the squid.conf was authoritative, but portions of the cong file for 2.4 still reference ident_lookup. More problematic was the fact that there was inadequate info on how to configure the ident_lookup_access (especially in light of the confusing text from other directives) and that though ident appears to be working on the client, the acl does not appear to be working. Additinally, the current FAQ indicates that you do not need to use the ident_lookup_access command if you have and ident acl. When I test ident2 on the remote host (e.g. http://www.mandrakehelp.com/identd-HOWTO/TestIdent.html ) the host responds with the user name. so far so good. doing a tcpdump on the box running squid it appears that using a browser on the remote host results in an ident query, but it does not look like the remote host is responding and the browser will be denied access. I have tried quite a few configurations with no joy. I am looking for some assistance to determine whether this is a problem with the Mac OS X running ident2 not responding to the squid ident query, responding inappropriately (for squid's purposes), or improper acls presently ident2 is running without flags squid.conf is running with acl teachers ident marc http_access allow teachers