My acl section and http_access: acl manager proto cache_object COAP acl localhost src 127.0.0.1/32 ::1 acl Whitelist dstdomain "/etc/squid/whitelist_sites" acl ncsa_users proxy_auth REQUIRED acl SSL_ports port 443 acl Safe_ports port 80 acl CONNECT method CONNECT acl all src all # cachemgr access http_access allow manager localhost http_access deny manager # http_access Section http_access allow ncsa_users Whitelist http_access deny CONNECT !SSL_ports http_access deny !Safe_ports http_access deny all Squid version: 2.7 Port: 443 Browser: Chrome Site: gmail.com (although it's denying all https requests) On Tue, Oct 16, 2012 at 5:41 PM, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote: > On 10/16/2012 9:41 PM, Mike Muir wrote: >> >> Hello, >> >> I'm getting a TCP DENIED/403 in the access log when trying to access >> all HTTPS sites via web browser. The browser displays: Error 111 >> (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error. >> >> I've included the following in my squid.conf (I'm using Squid 2.7) >> which to my understanding should allow traffic on 443: >> >> acl SSL_ports port 443 >> acl CONNECT method CONNECT >> >> http_access deny CONNECT !SSL_ports >> >> I'll provide more info if necessary, but has anyone experienced this >> problem before? Any help would be appreciated. >> >> Regards >> > what version of squid? > what are the allow (not deny) acls? > what ports? > what browser? > what site? > > Regards, > Eliezer > > -- > Eliezer Croitoru > https://www1.ngtech.co.il > IT consulting for Nonprofit organizations > eliezer <at> ngtech.co.il -- Mike Muir Jr IT Administrator v: 902.492.0100 ext.131 f: 902.492.0078 www.me-ality.com | 420 Lexington Ave., Suite 1701, New York, NY 10170-1704 | 133 Troop Ave., Dartmouth, NS, B3B 2A7
