Wingate and SKYPE SOCKS5

WinGate Proxy Server and other Qbik products

Switch to full style
Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
giox069
  • giox069
  • Posts: 3
  • Joined: Sep 26 08 5:07 am

Wingate and SKYPE SOCKS5

Sep 26 08 5:22 am

We are trying to use skype with a socks5 proxy, so we are evaluating Wingate.

Problem 1:
It seems that wingate close unexpectedly the "UDP Associated" socket, so the clients are unable to do UDP/P2P and skype fallbacks to TCP-non-P2P connection.
Here is a part of "SOCKS Proxy server.log"

09/25/08 17:50:44 192.168.57.208 Guest 0000000363 Created:
09/25/08 17:50:44 192.168.57.208 Guest 0000000363 Requested: SOCKS5 UDP Associate 0.0.0.0:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 32 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 32 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 68 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 68 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 68 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 49 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 49 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 40 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 40 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 11 bytes from 86.49.83.7:3210
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 73 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 11 bytes from 84.30.223.39:9566
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 45 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 68 bytes from 192.168.57.208:3410
09/25/08 17:50:55 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 11 bytes from 69.137.152.104:4360
...
... more traffic
...
09/25/08 17:51:03 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 40 bytes from 192.168.57.208:3410
09/25/08 17:51:03 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 42 bytes from 192.168.57.208:3410
09/25/08 17:51:03 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 40 bytes from 192.168.57.208:3410
09/25/08 17:51:03 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 45 bytes from 192.168.57.208:3410
09/25/08 17:51:03 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 43 bytes from 192.168.57.208:3410
09/25/08 17:51:04 192.168.57.208 Guest 0000000363 Debug: UDP Associate: received 43 bytes from 79.43.130.103:54620
09/25/08 17:51:04 192.168.57.208 Guest 0000000363 Error: Caught socket exception in CSOCKSSession::OnRead() Connection Reset by Remote Host - terminating
09/25/08 17:51:04 192.168.57.208 Guest 0000000363 Traffic 10826 13157 12233 10024 20s
09/25/08 17:51:04 192.168.57.208 Guest 0000000363 Terminated exit code 1


Skype works, but file transfer are slowed down and audio is relayed thru skype servers (this is the default when skype fallbacks to TCP).

Problem 2:
Is it possible to block skype on the HTTP (WWW) proxy ? In squid proxy server I can block skype 3.5 simply by blocking clients with empty "User-Agent:" header. Can wingate WWW proxy block HTTP empty "User-Agent:" requests ?

Thank you
Giovanni
logan
  • logan
  • Posts: 671
  • Joined: Oct 19 06 2:49 pm
  • Location: Auckland, New Zealand

Re: Wingate and SKYPE SOCKS5

Sep 30 08 5:34 pm

Hi Giovanni,

In the log extract you provided, the session timed out after exactly 30 seconds. Is this consistent with all the other timeouts shown in the log file?

Are you requiring authentication in the SOCKS proxy server?

What is the session timeout set to (found in the sessions configuration section)?
giox069
  • giox069
  • Posts: 3
  • Joined: Sep 26 08 5:07 am

Re: Wingate and SKYPE SOCKS5

Sep 30 08 10:16 pm

logan wrote:Hi Giovanni,

In the log extract you provided, the session timed out after exactly 30 seconds. Is this consistent with all the other timeouts shown in the log file?


They are 20 seconds :) I have sessions that are closed just within one or two seconds, and other sessions are closed after one hour :(

logan wrote:Are you requiring authentication in the SOCKS proxy server?

No, currently the Socks5 server has "Everyone unrestricted rights" on the policies, because I was unable to make cleartext authentication work. Skype clients are configured to send the password, but wingate is currently open to the public.

logan wrote:What is the session timeout set to (found in the sessions configuration section)?


The session timeout (Socks proxy server properties --> Sessions) is disabled (there is no checkbox). I disabled it before the creation of the attached logfile.

Two small new notes:
- Sometimes the UDP Associated connection is closed without logging the error "Error: Caught socket exception in CSOCKSSession::OnRead() Connection Reset by Remote Host".
- Between the skype clients and wingate there is a cisco IOS firewall (without NAT). But I don't suspect it's a firewall problem.
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index