>In IIS 6.0 and IIS 5.1 permissions of IUSR_xxxxx user account used by IIS >for anonymous access was changed. Now you must disable IIS anonymous access >on the cgi-bin directory to allow cachemgr to work correctly (not a so bad >security settings ...), don't forget that you must enable at least one >authentication schema in the IIS config. Hi, I tried disabling the anonymous access on both a virtual directory and a new website (port 81) but I still get the error. The only authentication is integrated auth. I started using the wizard so the rest is default. Of course my default webpage is set cachemgr.cgi and not index.html or something like that. Maybe you changed some other things while testing? Kind regards, Jeroen. I've copy/pasted my config for your information: http_port 8080 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? acl to_NoCacheDomains dstdomain .checkpoint.com no_cache deny QUERY no_cache deny to_NoCacheDomains cache_mem 50 MB auth_param ntlm program c:/squid/libexec/win32_ntlm_auth.exe auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param ntlm use_ntlm_negotiate off auth_param basic program c:/squid/libexec/nt_auth.exe auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl LocalRange src 172.20.0.0/16 192.168.100.0/24 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager LocalRange http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports external_acl_type NT_global_group %LOGIN c:/squid/libexec/win32_check_group.exe -G -c acl allow_internet external NT_global_group internet acl password proxy_auth REQUIRED http_access allow password allow_internet http_access deny all http_reply_access allow all cache_mgr webmaster@xxxxxxxxxx cachemgr_passwd savaco all acl to_LocalRange dst 172.20.0.0/16 192.168.100.0/24 always_direct allow to_LocalRange coredump_dir c:/squid/var/cache
