The “allowed subnets” topic is one of my “standard configuration”. 
Your suggestion about the URL Filter was very good. I’ve got connection to the first part of the cache manager. But when I chose a line it fails again with: ERROR ## Cache Manager Access Denied.
Now. How is that passed? At the bottom of the page is Authentication method is (choice) None
Re my experience with ipfire. I had used ipfire for a year on a mini computer and do not remember any problem. Because of that, I purchased the ipfire mini appliance. Before ipfire I had used SmoothWall. I have a MAC and consequently do not use Excel but had developed an elaborate perl program to run stock data analysis before all these new programs that have flooded the market in the previous decade.
No success!
Even with transparent proxy. 
Give me a short bit Kenneth. I remember something along the lines of this same darn thing happening to me, but I am just going to have to dig way down deep in my mind and figure out what I did to fix it. I will get back to you.
ok, you wouldn’t be able to get to that management page, lest you had already logged in and authenticated yourself, which tells me that you have a firewall rule in place to allow you to get in, the squid.conf file has an agreement with that cgi page on username and password… Hmmmmmm… I do swear I remember this, and along side of the FW rule, the IPS exception, the WebProxy Whitelist for the /24 so you can get to it, there may be 2 other things…
1.) If you are running the firewall on 192.168.5.0/24 which is green, and your on a workstation on wifi accessing the network from blue… say 192.168.10.0/24, then you would also have to add blue /24 to the whitelist exceptions on the webproxy screen way up top here in this thread. ALSO… Something seems to point me in the direction of clamav, and I just cant remember what it was… I will keep thinking and get back to you
Hey, drop to bash # and goto:
/var/ipfire/proxy/
#cat squid.conf
find this… and verify what you see as ports here, matches what…
http_port :801
http_port :3129 intercept
you see here…
Mine does…
Also, make sure you look here in squid.conf and cat for this…
acl IPFire_green_network src x.x.x.0/24
acl IPFire_green_servers dst x.x.x.0/24
If you happen to be crossing zones, from being physically located on Blue, trying to access the proxy menu on Green, you might need a blue entry there as well…
Also, please read this…
http://squid-web-proxy-cache.1019090.n4.nabble.com/Access-Denied-for-manager-td4685295.html
Might be right up your road of problems with an ACL not fully being there…
AND
Try unchecking the box for squidclamav in the web proxy screen just for a temporary time and test. It could be clamav messing with you. If that happens to be the case and we can isolate it, I can maybe do a little more digging for you.
There must be some other blocking.
I do not use IPS, URLFilter or clamav, but can see the issue also ( access from blue ).
BTW: the link cited doesn’t help really.
Right, I figured the link wouldn’t have the answer but I put it out there to get everyone thinking in terms of ACLs.
I’ve got both ClamAV and SquidClamAV installed.
That is supposed to be correct.
It could however cause a conflict ?
Looked ok.
added port 81 and ip 192.168.1.5 (Clam) unrestrictive
trialed Ethernet and wireless. No change
image Squid View.
As I understand it, you are whitelisting your ability to get to the menu, not the proxy itself in that section.
Ports 81 and 444 is how you access the cachemgr.cgi
In my case, I changed it to 801 instead of 81.
Also, if you don’t recognize the IP, I would attempt to update it.
First however,backup your file in SSH prior to doing it, so if it doesn’t work, you can revert back, then change the IP to the correct IP for clamd_ip. The port 3310 is the port that clamav uses in this case to process files through its security.
Ok. That appears the problem: port 81 should read 800 (in my case).
Which file is to be corrected?
You wouldn’t have to mod the file directly for this setting. In the above screenshot thst I showed you. Find the setting thst shows 801 in my case and change yours to 800, if that’s what your aiming at. Then save it by clicking save on the screen. For good measure, if you can, reboot ipfire. I say if you can, because you may have it setting in production somewhere.
Eric
That’s the problem. Because that is what it has always been (800).
Is the 81 a controlling or limiting entry? Where does it
come from as the image Proxy 800 shows, the port has been
800 for several weeks.
Hi Kenneth,
So your menu is properly accessible now?