Hi Amos, Even if I do not use the IP address the .services.chromalloy.local is being blocked. Adding the IP to this line acl localServices dstdomain .services.chromalloy.local 192.168.3.42 did not fix anything. Both addresses are blocked. ****************** access.log 1316025786.929 25 192.168.100.19 TCP_DENIED/403 2419 GET http://192.168.3.42/ - NONE/- text/html 1316025789.582 0 192.168.100.19 TCP_DENIED/403 2227 GET http://192.168.3.42/ - NONE/- text/html 1316025793.845 0 192.168.100.19 TCP_DENIED/403 2475 GET http://services.chromalloy.local:8888/ - NONE/- text/html 1316025796.746 0 192.168.100.19 TCP_DENIED/403 2283 GET http://services.chromalloy.local:8888/ - NONE/- text/html Thank you, Margaret My config file: **************************************************************************************** #Recommended minimum configuration: acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl localnet src 192.168.100.0/24 192.168.101.0/24 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 8888 # cnv virtual cage acl CONNECT method CONNECT #2011-09-13 from squid-cache maillist, Amos Jeffries cache_peer 192.168.3.42 parent 8888 0 originserver no-query name=services acl localServices dstdomain .services.chromalloy.local 192.168.3.42 cache_peer_access services allow localServices cache_peer_access services deny all http_access allow localnet localServices http_access allow manager SSL_ports http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny to_localhost icp_access deny all htcp_access deny all http_port 3128 access_log /var/log/squid3/access.log squid #Suggested default: refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 # Leave coredumps in the first cache dir coredump_dir /var/spool/squid3 acl whitelist dstdomain "/etc/squid3/whitelist.txt" # Allow localnet machines to whitelisted sites http_access allow localnet whitelist # block all other access http_access deny all **************************************************************************************** "This e-mail message and any attachment(s) are for the sole use of the intended recipient(s) and may contain company proprietary, privileged or confidential information. If you are not the intended recipient(s), please contact the sender by reply e-mail, advise them of the error and destroy this message and its attachments as well as any copies. The review, use or distribution of this message or its content by anyone other than the intended recipient or senior management of the company is strictly prohibited."
