Does this mean the squid box has to be the overall gateway for the internal network for transparrancy to work? The reason the proposed setup the way it is is because AWS VPC service has a service based NAT gateway which we have not low level control over and it is the default gateway. We want to only route http/https traffic over to squid and the rest via their NAT gateway Thanks in advance for the followup -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Transparent-Proxy-in-AWS-tp4680691p4680712.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users