hi there, after reading multible sites over a long time i hope im getting help via this list, im running crazy here sheme: client (www) -> squid (www - public ip) -> firewall -> owa (lan - private ip) squid.conf: visible_hostname host.domain.tld https_port 443 cert=/etc/squid/server.crt key=/etc/squid/server.key hosts_file /etc/squid/hosts http_port 127.0.0.1:8080 httpd_accel_host srv066 httpd_accel_port 80 httpd_accel_uses_host_header off httpd_accel_single_host on httpd_accel_with_proxy off acl acl_testmail dstdomain srv066 http_access allow acl_testmail acl to_index urlpath_regex /$ acl to_favicon urlpath_regex /favicon.ico$ acl to_exchange urlpath_regex /exchange http_access allow to_index http_access allow to_favicon http_access allow to_exchange acl all src 0.0.0.0/0.0.0.0 header_access Accept-Encoding deny all never_direct allow all http_access deny all when i try the connect via https://host.domain.tld, the following error ocoured: While trying to retrieve the URL: http://srv066 The following error was encountered: * Unable to forward this request at this time. This request could not be forwarded to the origin server or to any parent caches. The most likely cause for this error is that: * The cache administrator does not allow this cache to make direct connections to origin servers, and * All configured parent caches are currently unreachable. its an urgent problem, so i hope getting help here greetings andy --free your mind, use open source http://www.mono-project.com ASCII ribbon campaign ( ) - against HTML email X & vCards / \