WinGate Forums

[suporteagro]

Dear support,

I have a PC in my internal network that runs a Linux CentOS 5.5 (kernel 2.6.18-194.32.1.el5) distribution with SSH service at port 64022 and with a static IP.
I need to allow remote access to this machine through PuTTY software. So I created a TCP Mapping service to port 64022 of the machine static IP, set Bindings to allow internet connections and set Policies to Everyone (Unrestricted rights).
Unfortunately it doesn't connect and I have only this debug log message:
04/29/11 14:03:32 200.158.6.78 Guest 0000007980 Error: Caught socket exception in CTCPMappingSession::Initialize() Connection to Remote Host timed out - terminating
04/29/11 14:03:32 200.158.6.78 Guest 0000007980 Traffic 0 0 0 0 21s

Could you help me please ?
I'm running Wingate 6.6.4 (Build 1338)


Thanks for you attention,
Gabriel

[adrien]

Hi

that normally means for some reason the server you entered in the TCP mapping isn't accessible, or isn't running on that port (or may be firewalled).

Can you even get a telnet connection to that server:port?

Regards

Adrien

[suporteagro]

Hi Adrien,

The machine I need to allow access has firewall enabled with lots of rules. It belongs to another company and I have no access.
So I made an Ubuntu installation with a SSH Server at the same port and it worked just fine, but looking the "auth.log" file of the Ubuntu machine I figured that my internal IP (the Wingate IP) is the one that is reaching the PC and it could be the problem. Is there any way to make the external IP to reache the PC ?

Thanks,
Gabriel

[adrien]

If you want the original client IP to be the one that the server sees, you'd need to do an ENS redirect, with "don't translate source IP" selected, but this only works if that WinGate is the default gateway for the computer you are connecting through to.

This computer (that belongs to the other company) - it's connected to your LAN adapter? If so, you can't just get WinGate to use a different IP or the connection will fail.

You don't have any specific gateway set in that TCP mapping proxy do you ?

[suporteagro]

Hi Adrien,

The computer is connected to my LAN and WinGate IP is set as default gateway.
I have no plans to change the WinGate server IP.
And I have no gateways set in the TCP Mapping.

I tried to create a Port Redirect but it didn't work.
I deleted the TCP Mapping Service. In Extended Networking->Port Security I created a new Port Rage Configuration, selected "Internet computers to the Wingate PC", selected the port, in Action I selected "Redirect Packet to IP address", informed the internal destination IP and checked "Dont translate source IP".

Did I forget something ?

Thanks,
Gabriel

[adrien]

those sound like the right steps.

The one thing that could also affect it.

using the table for "Internet connections to the WinGate PC" is used if the connection is received on an external adapter.

If your internet-facing adapter is not tagged as external, then this table wouldn't be consulted.

If you need it to be internal, you can use the "LAN connections to WinGate PC" table instead.

Also do you see any hits on the WinGate firewall? Or any NAT connections showing in GateKeeper when you're trying to connect to this?

Also... when testing, you'd need to test from some computer connected to the external LAN segment (so you may need to test from another ISP account).

Adrien

[suporteagro]

Hi Adrien,


It finally worked. The last problem was related to the ENS Policies.


Thanks,
Gabriel