Wingate 6.0.1 / 995

Aug 17 04 8:36 am

Last week I updated from version 5.2.3 up tp 6.0.1/995.
Now it's not possible to log in into ebay. The firewall is reporting errors on port 80 on the external interface from several ebay-servers.
What goes wrong?

Aug 17 04 10:18 am

Please double check your adapter useage. Make sure that your internal and external adapters are marked appropriately.

Aug 17 04 7:31 pm

Yes - the adapters are marked very well. There is one internal and one external adapter. The problem is also if i try to log in from the wingate-machine, it is also after stoppping the service.
I can only log in from the wingate-machine if i disable the latest checkboxes of the ENS general-tab "Protext my system before ..." and "Keep firewall enables ..."

Here two rows of the Wingate-NAT-logfile:08/17/04 08:29:31 Authorisation failure: NAT STATUS: firewall block: TCP src 62.214.9.143:80 dst 192.168.123.1:1867

08/17/04 08:29:31 Authorisation failure: NAT STATUS: firewall block: TCP src 66.135.192.220:80 dst 192.168.123.1:1865

My Wingate-Server is 192.168.123.1.

So what has changed from 5.2.3 to 6.0? The same config runs very well until the update was installed.

Aug 17 04 8:45 pm

That's very odd that you are getting packets with a public source IP coming to your server with a private destination IP address.

Is this WinGate behind another NAT or do you have multiple IP addresses allocated to your external adapter?

Adrien

Aug 18 04 12:34 am

Yes, Wingate is behind a NAT-DSL-Router.

But I ask myself: Where is the problem? This configuration has run for more than 3 years.

Aug 18 04 12:59 am

radist wrote:Yes - the adapters are marked very well. There is one internal and one external adapter. The problem is also if i try to log in

Had to ask - because it's a common problem for people upgrading - because of dynamic binding WinGate is now a lot stricter on it's adapter useage, and it needs to be checked.

What those firewall entries are telling you is that a connection was attempted from 62.214.19.143 originating at port 80 who then attempted to connect to you on port 1867.

Is this a problem only for e-bay, or for all websites you visit ?

Aug 25 04 7:19 am

Sorry for the delay. I was some days offline).

So I know the meening of the firewall entries.
I ask myself what happens here. With the older version 5.2.3 and the same configuration it runs. But now it doesn't. Nothing is changed - but the Wingate update.

Aug 25 04 10:47 am

There are a few significant differences in 6.x vs 5.2.3. For one, dynamic binding and the whole new adapter schema. Then, the use of gateways, some major improvements in HTTP for chunking support, HTTP 1.1, etc. In most cases, your configuration should have migrated without any problems.

Hence, do you have this problem with e-bay only or with other sites too ?

Aug 25 04 11:57 pm

Yes, it's only ebay.

regards
rainer

Aug 26 04 6:34 am

In addition: it's not only ebay.
I've seen yet that there are other entries - eg. falkag.de.
The entry happend during the visit of lycos.de. But there is no login.
I think it will be a problem with sites that will catch customer data.
ebay is using the service of doubleclick and lycos is using falkag.
I think they will open there cookies or other files with customer information.

regards
rainer

Sep 04 04 12:30 am

For Qbik Staff

Thanks for your extensive help. :-(
It seems to be impossible to use Wingate and do ebay-business.
So I went back to version 5.2.3 and start looking for another firewall.

Regards
Rainer