The rule that I added was the http_access deny all AdultBlackListWebsites. Here is an update. And yes, this is a temporary fix, as I can tell from Chris Robertson's reply, and through working this issue, that I need to make some changes in my conf file. I moved my "http_access allow all WcomNet" rule to the top, and now the accounting department is able to authorize payments. So I have a lot of work on my hands to reorganize and tighten up this conf file. As for your questions Chris, all I can say right now, is that I am still on a learning curve, and I thank you for all your suggestions, and trust me...over the next couple of days, I will be wrapped up in this. http_access allow manager our_networks #http_access allow all open_for_ip_address http_access allow all WcomNet http_access allow WhiteListWebsites AuthLimitedUsers http_access allow WhiteListIPAddresses AuthLimitedUsers http_access allow all OpenAccessWhiteListWebsites http_access allow all OpenAccessWhiteListIpAddresses http_access deny all AdultBlackListWebsites http_access allow all Freemarkets http_access allow all MyTextron http_access allow all Corrlink http_access allow all SchwabPlan #http_access allow all WcomNet http_access allow all LindWaldock http_access allow all AuthPowerUsers http_access allow all AuthIPAddresses #http_access allow all OpenAccessWhiteListWebsites #http_access allow all OpenAccessWhiteListIpAddresses http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access deny !our_networks http_access allow BrownListWebsites OverRideBrownListUsers http_access deny all BrownListWebsites http_access deny all BlackListWebsites http_access deny all BlackListIpAddresses http_access deny all BlackListIpAddress1 http_access allow all AuthSafeAccessUsers #http_access allow WhiteListWebsites AuthLimitedUsers #http_access allow WhiteListIPAddresses AuthLimitedUsers http_access deny all -----Original Message----- From: Mark Elsen [mailto:mark.elsen@xxxxxxxxx] Sent: Tuesday, February 21, 2006 3:17 PM To: Casey King Cc: Squid Mailing List Subject: Re: Cannot authorize payment > I have a piece of software called POS-systems for credit card > authorization. It has been working fine until last week. It tends to > coincide when I added another rule to the squid.conf file. Which rule are you talking about ? > I have commented the rule out, but > still having the same problem. > > When I try to authorize a transaction I get a 40002 error message, > looking it up on the POS-systems website, this is a tcp/ip connection > issue. After working with them and finding the software setup > properly, I looked at my access.log file to see what was going on. > Here is what I see: > > ------------------------- > 1140552332.683 2 172.16.12.219 TCP_DENIED/407 1729 CONNECT > ssl.pgs.wcom.net:443 - NONE/- text/html > ---------------------------- > > Normally I would expect to see at least 4 lines in a row with this > information because I am using NTLM and basic authentication. When I > open a browser, I can nagivate to this https://ssl.pgs.wcom.net. The > ports that are required to be open and bi-directional are 443, 563, > and 2112. Here is what I have in my squid.conf: > >... Perhaps the POS client does not support NTLM auth ? M.
