I installed Wingate on a Windows XP SP2-based system. I have run into a couple of issues that appear to be related to Windows XP SP2.
1.) In Windows XP SP2, the number of concurrent connection attempts to an IP address is limited to 10. I understand that this is to limit the ability to launch DoS attacks. I received EventID 4226 on the WingGate system which means that there are to many concurrent TCP connection attempts. I found and installed a workaround (on a site in Germany - http://www.lvllord.de/?url=4226patch/faq&lang=en) that increases the number of concurrent connection attempts to an IP address to 50. I have not seen EventID 4226 on the Wingate system since doing this. Since Windows XP SP1 had no such limit, I do not know what would be a good value here. I can increase this limit. I will be changing the operating system to Windows 2003 soon. Windows 2003, apparently, also has a limit - which can be changed in the same manner that I did with Windows XP SP2. What would be an appropriate value for Windows 2003?
2.) I am running Wingate 6.0.3 Build 1005. I have enabled the Wingate Firewall prior to running Wingate. The Windows XP Internet Firewall and IP Sharing Service is disabled on the Wingate system. The computer Browser service on the Wingate system fails to start. The EventID (7023) for this evernt and service specific exit code do not seem to mean much. However, an identically worded event with an EventID of 7024 can occur on Windows XP SP2 systems running Microsoft Windows XP Firewall if the Windows XP Firewall blocks access to the ports used for MS networking. When I remove Wingate, the Event ID 7023 error goes away, and the browser service starts normally. When I reinstall Wingate, the problem returns. The browser service is not critical on this machine, so I have disabled it at present. Is this something I should be experiencing?
WinXP SP2 Issues
Moderator: Qbik Staff
5 posts
• Page 1 of 1
by genie » Oct 13 04 9:33 pm
That's correct: http://support.microsoft.com/default.aspx?kbid=314053
You need to modify TcpNumConnections parameter.
You need to modify TcpNumConnections parameter.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
by adrien » Oct 13 04 10:50 pm
Hi Bob
Do you see any entries in the firewall tab in GateKeeper, for instance UDP traffic on port 137, 138 or TCP 139?
It is possible depending on adapter usage settings, that WinGate may be firewalling or blocking certain aspects of your local network. For instance also ifyou have your LAN adapter set to "external" (in the Network pane in GateKeeper), and also have "disable name broadcasts to the Internet" enabled (which is on by default), then the browser service wouldn't function properly
Adrien
Do you see any entries in the firewall tab in GateKeeper, for instance UDP traffic on port 137, 138 or TCP 139?
It is possible depending on adapter usage settings, that WinGate may be firewalling or blocking certain aspects of your local network. For instance also ifyou have your LAN adapter set to "external" (in the Network pane in GateKeeper), and also have "disable name broadcasts to the Internet" enabled (which is on by default), then the browser service wouldn't function properly
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
by Bob Tucker » Oct 13 04 11:06 pm
Thank you for the reply.
According to the MS Technet article that speaks directly to this, there are two different things that may be confused. EventID 4226 means that there are too many concurrent TCP connection attempts. A connection attempt is a query to a computer at a particular IP. TcpNumConnections limits the number of concurrent connections - rather than the number of concurrent connection attempts. The TechNet article explicitly states that - as the concurrent connection attempt limit has nothing to with the number of concurrent connections - the registry key TcpNumConnections is not useful here. Unfortunately, according to this Microsoft article, there is no registry key which would allow the user to change the concurrent connection attempt limit. Fortuantely, there are workarounds for this. I listed one earlier.
Wingate, on occasion, does appear to generate EventID 4226 - which means that there are too many concurrent TCP connection attempts. I asked the question of what an approapriate number of concurrent TCP connection attempts might be. I would like to know this for both Windows XP SP2 and Windows 2003 - as I will be installing Windows 2003 on this server; and Windows 2003 is, by default, similarly limted with respect to the number of concurrent connection attempts. Could you please comment as to an appropraite number?
You did not speak to the Browser issue that I asked about. The browser fails to start only when Wingate is installed and configured to provide Firewall services prior to the start of Wingate. The EventID involved is supiciously similar to one related to Windows Firewall blocking ports required for MS Networking on Windows XP SP2 systems. Windows XP SP2 is the OS in use here. Might this Browser problem be associated with Wingate?
Thank you for your assistance.
Bob Tucker
According to the MS Technet article that speaks directly to this, there are two different things that may be confused. EventID 4226 means that there are too many concurrent TCP connection attempts. A connection attempt is a query to a computer at a particular IP. TcpNumConnections limits the number of concurrent connections - rather than the number of concurrent connection attempts. The TechNet article explicitly states that - as the concurrent connection attempt limit has nothing to with the number of concurrent connections - the registry key TcpNumConnections is not useful here. Unfortunately, according to this Microsoft article, there is no registry key which would allow the user to change the concurrent connection attempt limit. Fortuantely, there are workarounds for this. I listed one earlier.
Wingate, on occasion, does appear to generate EventID 4226 - which means that there are too many concurrent TCP connection attempts. I asked the question of what an approapriate number of concurrent TCP connection attempts might be. I would like to know this for both Windows XP SP2 and Windows 2003 - as I will be installing Windows 2003 on this server; and Windows 2003 is, by default, similarly limted with respect to the number of concurrent connection attempts. Could you please comment as to an appropraite number?
You did not speak to the Browser issue that I asked about. The browser fails to start only when Wingate is installed and configured to provide Firewall services prior to the start of Wingate. The EventID involved is supiciously similar to one related to Windows Firewall blocking ports required for MS Networking on Windows XP SP2 systems. Windows XP SP2 is the OS in use here. Might this Browser problem be associated with Wingate?
Thank you for your assistance.
Bob Tucker
- Bob Tucker
- Posts: 94
- Joined: Oct 02 03 11:47 pm
by Bob Tucker » Oct 13 04 11:16 pm
Dear Adrien,
Thank you for your reply. I saw your reply only when I posted my reply to genie's earlier comment. I will check the Firewall tab. I explicitly set the internal adapter to internal. I will check UPD at 137 and 138 and TCP at 139. Thank you again.
Thank you for your reply. I saw your reply only when I posted my reply to genie's earlier comment. I will check the Firewall tab. I explicitly set the internal adapter to internal. I will check UPD at 137 and 138 and TCP at 139. Thank you again.
- Bob Tucker
- Posts: 94
- Joined: Oct 02 03 11:47 pm
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 10 guests