Going Crazy!

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

Postby rboynton » Nov 04 10 4:58 am

Hey guys,

I built a fresh XP X64 machine (SP1 only). Client PCs can connect to the internet just fine. My problem is that I cannot remote into my server from the outside. I also cannot get SMTP traffic through. I have port 25 forwarded to my email server, and the port for my remote control program open as well. The machine does not have Windows firewall installed.

What else do I need to do to enable outside connections on a particular port to come through? I know I must be missing something simple!

Edit: Sorry, I'm using the 6.X release version.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby jasona » Nov 04 10 8:15 am

Are your network adapters marked correctly in WinGate, i.e. external as external and your LAN as internal? How did you configure the port forward?
jasona
Qbik Staff
 
Posts: 140
Joined: Nov 12 07 2:52 pm
Location: Auckland

Re: Going Crazy!

Postby rboynton » Nov 04 10 8:28 am

Yes, I verified that the adapters are marked correctly. For the hole in the firewall, I went into:

Extended networking
port security
Connections from the internet, TCP, port #, allow packet.

Same thing for the port 25, except on that I set it to be redirected to another IP on my network (of the mail server).

This is the same exact way I have it set up on my old PC. Very strange. I cannot telnet to either port from the outside.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby jasona » Nov 04 10 8:49 am

That sounds fine. Usually this would be caused by another firewall blocking the ports. There is nothing upstream from WinGate that could be blocking the port? Do you see any hits on the WinGate firewall when you try to connect?
jasona
Qbik Staff
 
Posts: 140
Joined: Nov 12 07 2:52 pm
Location: Auckland

Re: Going Crazy!

Postby adrien » Nov 04 10 8:54 am

Also, does NAT work through this computer?

We had to do some work-arounds on XP64 to get around the periodic kernel self-integrity checking (since we patch/thunk NDIS). This means if an adapter appears to NDIS very late, we may not see it. What sort of adapter is the external one, just a NIC?

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby rboynton » Nov 04 10 9:08 am

There is nothing between the DSL box and the proxy. The adapter is an onboard NIC (Intel 82574L gigabit, one of two). The board is an Intel S3420GP server board. I don't see any evidence of a connection attempt in the activity viewer, or the firewall.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby rboynton » Nov 04 10 10:09 am

It's not you guys. I hooked my laptop up to the external NIC and used a static IP... and it worked just fine. I understand my ISP recently installed a Barracuda filter, so am thinking there is some sort of MAC filtering going on. Weird, but the only thing that is making sense to me at this point.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby adrien » Nov 04 10 10:50 am

OK

You sure they aren't just blocking a whole bunch of ports inbound?

Or your test server (presumably on another ISP) isn't being blocked? For instance our biggest ISP in NZ blocks port 25 by default (I'd prefer them to block port 445 actually!!!).

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby labull » Nov 04 10 11:25 am

You have my email address. Let me know if there's any testing / probing I can do from here!
WinGate Lurker
labull
WinGate Guru
 
Posts: 710
Joined: Sep 06 03 1:03 am
Location: Washington, DC - USA

Re: Going Crazy!

Postby rboynton » Nov 04 10 11:32 am

Yeah, it isn't the ports they are blocking. I can remote into one of my customers, then from there, try to remote into my proxy. On the old box, it works fine. If I move the network cable to the new box, do a release/renew of the IP, it does not work. Again, outbound works fine. The only thing different at that point is the ISP itself. The fact that I can directly connect my laptop to the ext NIC and get a connection proves that.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby adrien » Nov 04 10 11:51 am

Did you try resetting your external router or switch?
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby adrien » Nov 04 10 11:54 am

The more I think about it, the more I think the problem is between your router and the WinGate box.

Your ISP doesn't know or see your internal MAC addresses. So it can't tell the difference between you connecting back into your LAN and being piped to one computer with the same IP vs another.

Or am I missing something....

Are you using port-forwarding on your router? Or do your machines behind the router have public IP addresses?

When you change the cable over, does the new WinGate end up with the same IP as the old one did, or different? Changes in mappings between IP and MAC addresses can confuse some switches, and routers (which cache results of ARP lookups). Hence my suggestion to maybe reset the router and/or switch.

Cheers

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby rboynton » Nov 04 10 12:19 pm

I don't recall if the new box gets the same IP as the old box. I would doubt that anyway, since its table would hold the original IP for the original MAC address. There are no switches between the ISP's device and the proxy. My ISP is a wireless provider. We live out in the country, and the only high speed (short of two-way satellite which I used to have) internet provider are these guys. They have a tower with an access point that serves this entire valley. I have an antenna on my roof that has a device that looks like a high-gain Cisco WAP antenna. It is not Cisco though. This antenna device simply converts the wireless signal to ethernet where it comes into my Proxy. They can communicate with it, set parameters, etc.

I never used to have this problem, as I have built more than one server for customers setting up WinGate like this before deployment. I still believe it has something to do with their new Barracuda filter. Time will tell.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby adrien » Nov 04 10 1:57 pm

Hi Rick

When you are trying to connect back to your network from the outside, in both cases (where it works - old machine, and where it doesn't work - new machine) are you connecting back in to the same IP?

If so, then it's not your ISP. It may be their device if they have some equipment on your premises. Can you reset it?
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby rboynton » Nov 04 10 2:31 pm

It is the same IP, as that static IP they gave me resolves to my domain. They point it to the antenna device at our place. I've power cycled this device several times to no avail. When they first put up the Barracuda system, they killed my inbound email until they figured out what was going on. It is a new system for them, and I have fewer doubts that is the source of the problem here. Thanks for all the help!
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby adrien » Nov 04 10 9:59 pm

If you run Wireshark on that WinGate computer, can you see any ARP requests coming from their device looking for your IP? Or any traffic from the device at all?

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Going Crazy!

Postby rboynton » Nov 05 10 5:06 am

I'll likely have time tomorrow to do that. Thanks for the suggestion.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby rboynton » Nov 05 10 11:40 am

Wireshark does not lie....

The old proxy's external NIC had a DHCP IP of 10.200.100.12
The new proxy's external NIC had a DHCP IP of 10.200.100.53

I let Wireshark run against the external NIC for about 5 minutes. I saw some single SMTP entries with a destination IP of the old proxy's IP. I saw no new traffic coming in destined for my new proxy's IP. I manually made the IP on the new proxy's external NIC to be the old proxy's 100.12 address. Within moments, WinGate's activity window came abuzz with traffic.

Apparently, whatever the ISP did had to do with hard coding sending data to the DHCP address on my side. I can't imagine why they would do that. At least the mystery is one step closer to being solved.
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

Re: Going Crazy!

Postby adrien » Nov 05 10 8:33 pm

Those are private IPs.

Presuming that their wireless device has a public external IP (can test by going to http://whatisimyip.com) then there must be NAT going on in their device, in which case they would have had to set up a port forward to your proxy IP.

So your proxy would need to get the same IP as the old one in order to work.

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland
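
The check Rick did by eye in Wireshark, written out as an added example (not code from any poster in this thread or from Qbik): it looks for inbound connection attempts addressed to a neighbouring address on the external subnet rather than to the proxy's own address, which is the signature of an upstream port forward still pointing at an old DHCP lease. The rows are constructed sample data in a simple `src,dst,dport,syn,ack` layout, the /24 prefix is an assumption, and the outside hosts use documentation address ranges.

```python
import csv
import io
import ipaddress
from collections import Counter

# Constructed sample rows (not the thread's capture): src, dst, TCP dst port, SYN, ACK.
SAMPLE = """\
203.0.113.7,10.200.100.12,25,1,0
203.0.113.7,10.200.100.12,25,1,0
198.51.100.20,10.200.100.12,25,1,0
10.200.100.53,198.51.100.80,80,1,0
198.51.100.80,10.200.100.53,49210,1,1
"""

def stale_forward_targets(rows, local_ip, prefix=24):
    """Count new inbound connection attempts (SYN set, ACK clear) that are
    addressed to another host on our external subnet instead of local_ip."""
    local = ipaddress.ip_address(local_ip)
    net = ipaddress.ip_network(f"{local_ip}/{prefix}", strict=False)  # prefix is assumed
    hits = Counter()
    for src, dst, dport, syn, ack in csv.reader(io.StringIO(rows)):
        if syn != "1" or ack != "0":
            continue  # replies and established traffic are not connection attempts
        if ipaddress.ip_address(src) in net:
            continue  # outbound or subnet-local traffic, not from outside
        d = ipaddress.ip_address(dst)
        if d in net and d != local:
            hits[(dst, int(dport))] += 1
    return hits

def diagnose(rows, local_ip):
    """Summarise the most common misdirected target, if any."""
    hits = stale_forward_targets(rows, local_ip)
    if not hits:
        return "no misdirected inbound attempts seen"
    (dst, port), n = hits.most_common(1)[0]
    return (f"{n} inbound SYNs to {dst}:{port}; upstream forward likely "
            f"still targets {dst}, not {local_ip}")

if __name__ == "__main__":
    print(diagnose(SAMPLE, "10.200.100.53"))  # new proxy's lease
    print(diagnose(SAMPLE, "10.200.100.12"))  # old proxy's lease
```

A fixed lease or static address on the external NIC, matching whatever the upstream device forwards to, keeps the result empty after a hardware swap.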

Re: Going Crazy!

Postby rboynton » Nov 05 10 10:43 pm

Which makes it all the more strange why I was originally set up with DHCP on the external NIC. Oh well...
...Rick
rboynton
Senior Member
 
Posts: 156
Joined: Jun 15 07 2:09 am
Location: Boerne, Texas

