Transparent Proxy doesn't work


Postby pain_elemental » Sep 28 05 12:52 am

When I check to activate the transparent proxy on the WWW proxy server, the client computers cannot navigate to any page.

I'm using the .04 version, with ENS enabled as "Low: enable servers...".
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am

Postby MattP » Sep 28 05 5:58 pm

It sounds like you have some kind of configuration problems on your server, how is DNS set up on your network?

Do you run Active Directory?

Do you have two NICs in the WinGate server? Is the external NIC configured with your ISP's DNS servers?

Does a NAT connection work?
MattP
Qbik Staff
 
Posts: 991
Joined: Sep 08 03 4:30 pm

Postby jamesc » Sep 28 05 9:56 pm

The WWW Proxy Service uses the DNS to find out the IP address of the web site requested. A quick test to see if there is a DNS issue is to browse www.google.com via its IP address:

If http://www.google.com does not get resolved via proxy, but http://66.102.7.99 does... may be a DNS prob.
jamesc
Qbik Staff
 
Posts: 928
Joined: Apr 04 05 2:04 pm
Location: Auckland, New Zealand

Postby pain_elemental » Sep 29 05 12:35 am

MattP wrote: It sounds like you have some kind of configuration problems on your server, how is DNS set up on your network?

Do you run Active Directory?

Do you have two NICs in the WinGate server? Is the external NIC configured with your ISP's DNS servers?

Does a NAT connection work?


Thanks for your attention, but the 2 NICs are configured properly, one with my internal network, and the second with my external net.

ipconfig /all wrote:
Adaptador Ethernet Rede Local:

Sufixo DNS específico de conexão . :
Descrição. . . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX) #2
Endereço físico. . . . . . . . . . : 00-10-5A-E0-70-94
DHCP ativado . . . . . . . . . . . : não
Endereço IP. . . . . . . . . . . . : 192.168.0.1
Máscara de sub-rede. . . . . . . . : 255.255.255.0
Gateway padrão . . . . . . . . . . :
Servidores DNS . . . . . . . . . . : 192.168.0.1

Adaptador Ethernet Internet:

Sufixo DNS específico de conexão . :
Descrição. . . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX)
Endereço físico. . . . . . . . . . : 00-10-5A-09-2F-AE
DHCP ativado . . . . . . . . . . . : não
Endereço IP. . . . . . . . . . . . : 201.18.137.202
Máscara de sub-rede. . . . . . . . : 255.255.255.0
Gateway padrão . . . . . . . . . . : 200.217.40.201
Servidores DNS . . . . . . . . . . : 192.168.0.1
NetBIOS por Tcpip. . . . . . . . . : desativado


Yes, I have active directory working fine, and the dns configured on the external nic is the Microsoft DNS that runs on local machine, properly configured with the forwarders from my ISP.

If I disable the "Transparent Proxy..." on sessions of the WWW Proxy Server, the connections made with NAT on client machines work like a charm, but with no caching.

If I manually set up the proxy on the browsers (Opera, IE and Firefox), the browsing works fine too.

When I enable "Transparent Proxy..." (with the port 80 on the interceptions list) the browsing doesn't work anymore.

jamesc wrote: The WWW Proxy Service uses the DNS to find out the IP address of the web site requested. A quick test to see if there is a DNS issue is to browse www.google.com via its IP address:

If http://www.google.com does not get resolved via proxy, but http://66.102.7.99 does... may be a DNS prob.


Thanks for your feedback too.

It also doesn't work. I tried it before the post, and then now, but with the same results.
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am

Postby adrien » Sep 29 05 12:38 am

Hi

Your TCP/IP settings look correct.

What errors do you see in the client browser when you enable transparent proxy?

I'm wondering if it is a policy setting in the WWW Proxy or something.

If you enable debug logging in the WWW Proxy, and send us through a snippet of activity when this is happening, we should be able to get a good view of what is going on.

Thanks

Adrien
adrien
Qbik Staff
 
Posts: 5448
Joined: Sep 03 03 2:54 pm
Location: Auckland

Postby pain_elemental » Sep 29 05 1:52 am

Hi,

I turned on debug logging and I didn't see these logs anywhere.

On the WWW proxy log, the lines that I see are:

http://<my server ip>:8010/logs/www%20proxy%20server/www%20proxy%20server.log wrote:
...
09/28/05 09:28:17 Service started successfully
09/28/05 09:28:17 Configuration changed
09/28/05 09:28:34 Service stopped
09/28/05 09:28:34 Service started successfully
09/28/05 09:28:34 Configuration cha


The last line only has the "cha", not "changed".

On the nat part, there's nothing related to the http (80) port or the ip of the site (google.com/66.102.7.99) after I enable the transparent proxy.

Is the debug output stored in some other place?

I have noticed that the system log has some weird things, the last lines:

weird system log (logserver/logs/system/system.log) wrote:


You can see it live at:
http://dataserver.copamnet.com.br:8010/

The logfile server will be bound to the external interface until this thread is done.

The transparent proxy is disabled now, the users are accessing via nat.
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am

Postby pain_elemental » Sep 29 05 2:25 am

I have also added a rule on "Lan connections to Internet" as follows:

Image

This rule was added AFTER this discussion and for a minute, just to see what happens (I thought the transparent proxy worked as a redirection of the request to the proxy, because when I enable the transparent proxy, it adds a forward rule with a content that I cannot see).

Then, in the Wingate NAT's log I noticed the following line and others similar to this one (during the time this rule was active):

09/28/05 09:59:50 Authorisation failure:NAT STATUS: firewall relay: TCP src 192.168.0.15:3286 dst 64.233.167.99:80


I also checked the box "don't translate the source ip", but I got the same results.

The default action of ALL rules is to allow, there are no deny rules, all services are bound to internal interfaces with everyone access with unrestricted rights.
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am
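
The "Authorisation failure" NAT entries mentioned in the post above can be tallied per client to see which machines have port-80 connections refused while a rule or interception is active. This is an added example, not part of the original posts and not WinGate code; the line layout is inferred from the single log line quoted in the thread, and every sample line except the first is constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Layout inferred from the one NAT log line quoted in the thread (an assumption,
# not a documented WinGate format). The timestamp may be fused to the message.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2})\s*"
    r"(?P<event>[^:]+):NAT STATUS: (?P<detail>[^:]+): "
    r"(?P<proto>TCP|UDP) src (?P<src>[\d.]+):(?P<sport>\d+) "
    r"dst (?P<dst>[\d.]+):(?P<dport>\d+)\s*$"
)

# First line is the one from the thread; the others are constructed samples.
SAMPLE = [
    "09/28/05 09:59:50Authorisation failure:NAT STATUS: firewall relay: TCP src 192.168.0.15:3286 dst 64.233.167.99:80",
    "09/28/05 10:00:02 Authorisation failure:NAT STATUS: firewall relay: TCP src 192.168.0.15:3290 dst 64.233.167.99:80",
    "09/28/05 10:00:05Authorisation failure:NAT STATUS: firewall relay: TCP src 192.168.0.22:1044 dst 66.102.7.99:80",
    "09/28/05 10:00:09Authorisation failure:NAT STATUS: firewall relay: TCP src 192.168.0.22:1050 dst 66.102.7.99:21",
    "09/28/05 09:28:17Configuration changed",
]

def parse_nat_line(line):
    """Return a dict for a NAT status line, or None if the line has another shape."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%m/%d/%y %H:%M:%S")
    rec["sport"] = int(rec["sport"])
    rec["dport"] = int(rec["dport"])
    return rec

def failures_by_client(lines, dport=80):
    """Count authorisation failures per internal client for one destination port."""
    counts = Counter()
    for line in lines:
        rec = parse_nat_line(line)
        if rec and rec["event"] == "Authorisation failure" and rec["dport"] == dport:
            counts[rec["src"]] += 1
    return counts

if __name__ == "__main__":
    for client, n in failures_by_client(SAMPLE).most_common():
        print(f"{client}: {n} refused connection(s) to port 80")
```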

Postby MattP » Sep 29 05 3:06 pm

That www proxy log file didn't have debug logging turned on by the looks of it. Did you open the WWW proxy server, go to the logging menu and enable all logging options? If you didn't, please do.

The system log contains raw data from the driver which is why it looks like garbage, don't worry about that.

When you turn on Transparent Proxy you should see a redirection in the Port Security menu, it will be a yellow icon, this shows you that the traffic on that port is being pushed up to the proxy. Please remove the rule that you have created and see if the redirect is entered when you turn on Transparent Proxy.
MattP
Qbik Staff
 
Posts: 991
Joined: Sep 08 03 4:30 pm

Postby pain_elemental » Sep 29 05 3:20 pm

All checkboxes were checked since the last post.

The rule was removed since the last post.

I enabled it (again) as you said and it (again) added a yellow rule with a comment "Intercepted by WWW proxy server". Then I went to the client machine and the navigation doesn't work anymore (again). The log has nothing. I manually set up the proxy on this same client machine (Tools->Internet Options->Connection ...) and then the navigation worked and the log was written. But the transparent proxy (interception) doesn't work. It acts as if the connection has gone. But pings work, traceroutes work, FTP connections work, MSN Messenger works, everything, but none of the browsers works without manual proxy setup.

Sorry for the inconvenience.
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am

Postby pain_elemental » Sep 29 05 3:32 pm

I restarted the computer and the transparent proxy began to work.

When I enabled the transparent proxy, the gatekeeper didn't tell me anything about a restart.

Thanks anyway.
pain_elemental
 
Posts: 6
Joined: Sep 27 05 8:27 am

Postby MattP » Sep 30 05 12:15 pm

So it's working properly now?
MattP
Qbik Staff
 
Posts: 991
Joined: Sep 08 03 4:30 pm

