There's definite issues relating to transparent proxying and authentication - mostly surrounding the question "how does one know whether the authentication information is for the website or for the proxy?" I'd suggest not using transparent proxying for now and waiting for Squid-2.6 to mature, which'll fix other random problems with regards to NTLM-authenticated websites. Adrian On Sun, Jun 04, 2006, Teller Sgt Robert J (GCE RCT-7 DATA NCOIC) wrote: > Classification: UNCLASSIFIED > > I am currently running squid stable 2.5 on a Debian server using the 2.6 > kernel. I have my system setup as a transparent proxy redirecting all > traffic to port 80. Even though it is not recommended I am using NTLM > auth. I have everything working perfectly my users are able to > authenticate and surf to about 95% of the websites but for some reason > some websites show up with a IIS 401 error telling them access denied. > If I configure the user to use the proxy server directly instead of > allowing port redirection to happen, they are able to access the website > just fine or if I change my ACL to allow their IP they can access the > site just fine. Is there anything I can do to fix this or is this just a > side effect of tweaking squid to allow transparent auth? > > Thank You > Robert