Squid

How to fix "Access Denied" in SQUID?

A local network (192.168.1.x) has been built, the network to which is distributed by the Zyxel Giga 2 router, flashed with firmware version 1.14 to be able to configure iptables in it.
On the server located in the network, squid with transparent caching is installed.
From the router, I forward all network users going to the external network on port 80 to the server with squid according to the rule:

#!/bin/sh
INTERNAL_NETWORK="192.168.1.0/24" 
ROUTER_IP="192.168.1.1" 
PROXY_SERVER="192.168.1.2" 
PROXY_PORT="3128" 

iptables -t nat -A PREROUTING -i br0 -s $INTERNAL_NETWORK -d $INTERNAL_NETWORK -p tcp --dport 80 -j ACCEPT 
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_SERVER -p tcp --dport 80 -j DNAT --to $PROXY_SERVER:$PROXY_PORT 
iptables -t nat -A POSTROUTING -o br0 -s $INTERNAL_NETWORK -d $PROXY_SERVER -p tcp -j SNAT --to $ROUTER_IP 
iptables -I FORWARD -i br0 -o br0 -s $INTERNAL_NETWORK -d $PROXY_SERVER -p tcp --dport $PROXY_PORT -j ACCEPT

squid config

http_port 3128 transparent
http_port 0.0.0.0:3128 transparent

dns_nameservers 192.168.1.2
cache_mgr [email protected]

acl localnet src 192.168.1.1-192.168.1.254/255.255.255.0
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow localhost manager
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_reply_access allow all

http_access allow localhost
http_access allow localnet
http_access deny all

minimum_object_size 10 KB
maximum_object_size 8192 KB

cache_log /dev/null
access_log none
cache_store_log none

#cache_mem 1024 MB
cache_dir ufs /srv/Cache 50000 16 256
coredump_dir /srv/Cache

cache_swap_low 90
cache_swap_high 95

acl block_ext urlpath_regex -i "/etc/squid3/blocks.ext.acl"
cache deny block_ext

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

cache_effective_user proxy
cache_effective_group proxy

forwarded_for off

The problem is that with a transparent proxy, no matter what I do, I get an error "Access is denied" or an error with the text The following error was encountered while trying to retrieve the URL: / when if you manually specify the proxy in the browser, then squid works without errors.
Perhaps somewhere I could have made errors in the config, or some others that I don't know about. Tell me how to solve this problem?