Wingate and Wi-Fi Hotspot

WinGate Proxy Server and other Qbik products

Switch to full style
Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
maddiuex
  • maddiuex
  • Posts: 1
  • Joined: Feb 04 04 2:57 pm

Wingate and Wi-Fi Hotspot

Feb 04 04 3:03 pm

Putting together a wireless hotspot, and was wondering if Wingate would be the program to use for this. I have had use with wingate, but just the basic's. Questions 1. If a person connected using wingate, could they see others on the network. 2. How secure is Wingate for that function. 3. Can someone access the network without authitication? Basically I would want a user to sign in. Get the password of the day and then surf the internet for free. But not be able to see others on the network, or let a virus run rapid?? And is there a better Hardware device that I would be looking for?

Thanks
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

Feb 04 04 8:40 pm

Not sure I understand your setup, but if you mean that you don't want radio network users to be able to access your LAN, then there are a couple of things.

Firstly, your network won't generally let users connect to things like file shares or printers without credentials that are good for that network, however if you are running Intranet webservers etc, then you may need to block access to them in WinGate.

WinGate in this scenario would could be considered a router with rules.

However, only the rules in the port security tab apply for routing (forwarding of packets without address translation). If you want to use more advanced rules, you would need to force WinGate to perform NAT on the wireless users connections to the Internet. WinGate is designed to NAT traffic that is received on a trusted/internal interface and has to be sent on an untrusted/external interface.

By default if WinGate is just on a machine on your LAN using private IPs, then the interface will be deemed trusted, so the wireless users would be routed through to your LAN. For these wireless users to be able to access the internet, or get any 2-way communications going with machines on your LAN, any machine on your LAN would need to know that to get back to the IP address of a wireless user, they would need to use WinGate as a gateway. So, you are pretty safe there, since in general your LAN won't be using your WinGate install as a default gateway (unless it is also your main internet gateway?), but it means if you want your wireless users to go through WinGate, then out through your main Internet gateway, then this gateway would need to have a route added to point back to the wireless subnet through your WinGate.

If you set the interface properties to public/untrusted, then WinGate will do NAT, and then you can apply all the policies in the ENS policy tab. It also means that the wireless users will be able to make TCP connections to your LAN, since the LAN users will deem the connection to be from a local machine (i.e. they will have a route back).

Hope this helps.

Adrien
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index