Hi All, I was looking at different proxy servers like Squid and Privoxy to do fairly basic whitelisting of a handful of URLs or services (like Team Viewer) for a limited number of MAC or IP addresses on a network that already has a Draytek router in place. It would appear the Draytek can easily route a group of machines to this internal proxy meaning I don't need it to sit between the WAN and the LAN as would normally be the case and could in theory get away with one network card, but with everything being HTTPS these days, both Squid and Privoxy don't seem to like this. Setting it up and specifically pointing a users browser to the proxy works without issue, but when you try and use it in the transparent/intercepting sense, I can't seem to come up with the secret sauce of iptables to get around this for HTTPS. I'm curious to know what other people are doing when it comes to Internet access control? I was really hoping to run a basic Linux VM to handle this and then avoid trying to apply proxy settings to Windows clients via GPO.