I have an issue where I need to allow an external user to view a website via the public IP and not a hostname since this is a development website and there is no external DNS record out there for it. The IP of my squid box is 172.16.0.10 and I have a separate network connection setup on the squid box for each individual IP of the websites. Each of these 172.16.0.x addresses are tied to a public IP. This setup is in a DMZ so the 172.16.0.x address is forwarded to the firewall and redirected to the internal IP of the appropriate webserver. Again, I inherited this setup so I am not an Squid expert. I just need to know how to edit this config for Client 2 so that an external user can use a public IP instead of having to make a host file entry on their PC to point store.client2.com to the pubic IP of the website for this to work for them.. # Run Squid in virtual host mode http_port 80 vhost # Client1 reverse proxy config https_port 172.16.0.107:443 protocol=https vhost cert=/usr/local/squid/etc/devstore.pem key=/usr/local/squid/etc/devstore.key cache_peer 192.168.0.7 parent 80 0 no-query originserver name=store.client1.com acl client1 dstdomain store.client1.com http_access allow client1 cache_peer_access store.client1.com allow client1 # Client2 reverse proxy config https_port 172.16.0.111:443 protocol=https cert=/usr/local/squid/etc/devstore.pem key=/usr/local/squid/etc/devstore.key vhost cache_peer 192.168.0.11 parent 80 0 no-query originserver name=store.client2.com acl client2 dstdomain store.client2.com http_access allow client2 cache_peer_access store.client2.com allow client2 # Client3 reverse proxy config https_port 172.16.0.105:443 protocol=https cert=/usr/local/squid/etc/devstore.pem key=/usr/local/squid/etc/devstore.key vhost cache_peer 192.168.0.05 parent 80 0 no-query originserver name=store.client3.com acl client3 dstdomain store.client3.com http_access allow client3 cache_peer_access store.client3.com allow client3 # Client4 reverse proxy config https_port 172.16.0.106:443 protocol=https cert=/usr/local/squid/etc/mycert.pem key=/usr/local/squid/etc/mycert.key vhost cache_peer 192.168.0.06 parent 80 0 no-query originserver name=store.client4.com acl client4 dstdomain store.client4.com http_access allow client4 cache_peer_access store.client4.com allow client4 # OPAccess reverse proxy config https_port 172.16.0.120:443 protocol=https cert=/usr/local/squid/etc/opcert.pem key=/usr/local/squid/etc/opcert.key vhost cache_peer 192.168.0.20 parent 443 0 no-query originserver ssl name=opaccess.homecompany.com acl opaccess dstdomain opaccess.homecompany.com http_access allow opaccess cache_peer_access opaccess.homecompany.com allow opaccess # --- Begin default config options --- # hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache access_log /usr/local/squid/var/logs/access.log squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # And finally deny all other access to this proxy http_access deny all # and finally allow by default http_reply_access allow all #Allow ICP queries from everyone icp_access allow all # Leave coredumps in the first cache dir coredump_dir /usr/local/squid/var/cache Thanks, Jack *************************************************************************** Privilege and Confidentiality Notice THIS MESSAGE IS INTENDED ONLY FOR THE USE OF THE INDIVIDUAL OR ENTITY TO WHICH IT IS ADDRESSED AND MAY CONTAIN INFORMATION THAT IS PRIVILEGED, CONFIDENTIAL AND EXEMPT FROM DISCLOSURE UNDER THE APPLICABLE LAW. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any use of, disclosure, dissemination, distribution, forwarding, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by email or telephone, and delete the original message immediately. ***************************************************************************