Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

How to allow Internet access at lunch and Exchange

Feb 22 06 9:24 pm

Hi,

For our company's small office, we are trying to block Internet access during work hours. We've downloaded the trial version of WinGate (6.1.1 #1077). On our network, we have an ADSL modem which has DHCP. We also have Exchange 5.5 running on a Windows NT 4.0 server just for internal mail. Our Internet mail is hosted somewhere else. We have 10 clients that are connected to the network. We want to block their Internet traffic during work hours. At lunch (12:00-13:00) they will be free. The problem is that during their work hours, they should still be getting emails from the mail server (POP3 and SMTP) and also get the internal mails from the Exchange 5.5. The WinGate server will run on the Exchange server for sure, but for test purposes I'm running it on a workstation. The Exchange server has only one NIC, so unfortunately the clients will be on the same subnet. I chose the WGIC method. I allowed the POP3 and SMTP ports and also the RPC port (135) for Exchange 5.5. There is no problem with SMTP, but Outlook (2003) makes an illegal operation right after receiving the mail from the Exchange server (just before the send/receive window closes).

Then I tried NAT. I couldn't manage to do what I really want. To sum up, what I want is pretty easy and most of it can be done with standard Windows restrictions. I don't want the proxy method. The only problem I'm having is letting the users do what they want during lunch.

To list the items:

- All the clients except one are using Windows XP Professional. One is using Windows 98.

- During work hours, clients may only connect to other clients (NetBIOS over TCP/IP using ports 137, 138, 139), the Exchange 5.5 server, and a POP3 and SMTP server outside the corporation (somewhere on the Internet).

- There is CAD/CAM software that sometimes connects to the Internet in the background and does some licensing operations. That must not be blocked. We'll figure out the ports etc. from the software companies.

- Between 12:00-13:00, the users can connect to Internet sites, web sites, secure sites (banks, shopping, etc.) but not other stuff like eMule, LimeWire, etc.

At the moment, the clients are not restricted at all. The users of the clients are administrator users of the PC. They can do anything they want, but I will change that, so they will not be able to edit the TCP/IP connections. I will set their settings (like gateway) manually and they will not be able to change them. If we can solve this and see this software working efficiently, we'll buy the software for 10 clients. Thanks to anyone who will help...

Feb 22 06 10:10 pm

Yes, you apply these restrictions by creating an ENS policy which filters out all traffic which does not conform to the policy you create there (including time limits).

Feb 22 06 10:46 pm

Thanks for your reply... I think I couldn't solve the issue and that's why I asked how to do so. I entered some settings in the extended networking. For sure, I'm doing something wrong and it doesn't block anything. I think I need to be guided on how to do it. Although I'm a computer science major, I started to lose my abilities in computers... I read the manual (RTFM) but I couldn't solve the issue.

Feb 22 06 11:35 pm

Aye, WinGate policy settings can be quite complicated - let's try it this way:

- Choose "Default system rights are ignored"
- Click Add button
- Tick "User may be assumed" checkbox
- Specify what time you want the users to be able to connect (say, lunch time)

Then click OK and try connecting through VPN outside these criteria times.
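Added example, not part of the thread and not WinGate configuration: a small Python model of the default-deny, time-windowed policy listed in the first post, for checking the rule matrix (including the 12:00 and 13:00 boundaries) before entering it in a firewall. The subnet and all IP addresses are constructed; the ports are the ones named in the thread plus the standard POP3 (110), SMTP (25), HTTP (80) and HTTPS (443) numbers.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import Optional

LAN = ip_network("192.168.1.0/24")            # assumed office subnet
EXCHANGE = ip_network("192.168.1.10/32")      # constructed Exchange 5.5 address
MAIL_HOST = ip_network("203.0.113.25/32")     # constructed external POP3/SMTP host
LUNCH = (time(12, 0), time(13, 0))            # 12:00-13:00, end exclusive

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str
    ports: frozenset
    dest: Optional[object]      # ip_network, or None for any destination
    window: Optional[tuple]     # (start, end), or None for "always"

# Allow list built from the requirements in the first post.
RULES = [
    Rule("netbios", "udp", frozenset({137, 138}), LAN, None),
    Rule("netbios-ssn", "tcp", frozenset({139}), LAN, None),
    Rule("exchange-rpc", "tcp", frozenset({135}), EXCHANGE, None),
    Rule("mail", "tcp", frozenset({25, 110}), MAIL_HOST, None),
    Rule("lunch-web", "tcp", frozenset({80, 443}), None, LUNCH),
]

def in_window(now, window):
    """True when the rule has no time limit or now falls in [start, end)."""
    return window is None or window[0] <= now < window[1]

def decide(now, proto, dest, port):
    """Return the name of the first matching allow rule, or 'deny'."""
    addr = ip_address(dest)
    for rule in RULES:
        if (rule.proto == proto and port in rule.ports
                and (rule.dest is None or addr in rule.dest)
                and in_window(now, rule.window)):
            return rule.name
    return "deny"  # default deny: anything not listed above is dropped

if __name__ == "__main__":
    # Constructed probes: web before lunch, web at lunch, DNS at lunch.
    for probe in [(time(10, 0), "tcp", "198.51.100.7", 443),
                  (time(12, 30), "tcp", "198.51.100.7", 443),
                  (time(12, 30), "udp", "198.51.100.53", 53)]:
        print(probe, "->", decide(*probe))
```

The last probe is denied because DNS is not in the thread's list; a policy built only from that list would need a DNS allowance for lunchtime browsing by name to work.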