"If I assume that its doing what you want there are still two major issues that can be seen."................. i think it was... "1) Mixing interception and authentication (ssl-bump is a type of interception, at least on the https:// traffic). Intercepted messages cannot be authenticated - though there are some workarounds in place for ssl-bump to authenticate the CONNECT tunnel and label all the bumped traffic with that username." how it's that?, maybe i wrong (probably) but, for example a connection to youtube, it is ssl, and i see (in access.log, who do that (its authenticate). So? im wrong no? why? 2)........ we have a dns server (192.168.1.222) that just have our internal dns names and then points to 8.8.8.8... that (192.168.1.222) dns server would it not be useful either? sorry for ignorance and thanks -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/this-config-is-ok-is-ok-the-order-tp4682631p4682653.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users