WinGate Forums

[alexr]

WinGate (WG) has many open connections that runs to timeout. Our WG lisence is slighly smaller than the number of computers in our network. That used to work perfectly.

Now WG has many "hanging" connections. NAT UDP & ICMP?

All computers seem to contact the WG server fairly often, and a UDP connection hangs for a long time.

We recently changed and upgraded our network:
- upgraded our PDC from Windows NT4 to Windows Server 2003 (WS)
- changed IP-range from 192.168.0.* to 192.168.137.*
- changed DHCP from WG computer to new WS
- set up DNS on Windows Server:
- WS is DNS in network
- if not found, check WG computer
- DNS service is running there pointing to ISP's DNS.

[alexr]

In fact, the WS DNS was set to forward queries directly to our ISP's DNS. I have now set this to work as my explanation earlier. Not sure, yet, if this is the solution to my troubles.

[erwin]

Hi Alexr

You will have to set the internal IP of the WinGate machine in the Forward lookup tab of the Win2003 DNS servers DNS configuration.

This way when clients make a Internet request this will be sent by the Win2003 DNS server to WinGate which will then in turn query the ISPs DNS for clients requests through its Internet connection (Interface).

Regards
Erwin

[alexr]

It is the way you describe.

This is our setup:

====================
WS (Windows Server 2003 DC)
====================

LAN-NIC:
------------------------------------
Default gateway: WG_IP
Preferred DNS: WS_IP

DHCP Server:
------------------------------------
003 Router: WG_IP
006 DNS Servers: WS_IP

====================
WG (Windows 2000 Professional, WinGate)
====================

LAN-NIC
------------------------------------
Fixed local IP
No default gateway
Preferred DNS: WS_IP

WAN-NIC (Internet)
------------------------------------
Fixed external IP
Gateway: Router IP
DNS: ISP's DNS IP

WinGate (Pro)
------------------------------------
DNS/WINS Resolver: DNS: ISP's DNS IP (primary & secondary)

====================

Hope this is enough info to assist you in helping us.

Lastly, this is possibly more of a Windows Server issue... but how can I distribute by DHCP the 'do not use proxy for local addresses' and set SSL to 443 so that web clients work with Auto Config?

Alex.

[erwin]

Hi Alex

By the looks of things your setup should work.
Are your clients able to access the Internet OK this way?

I take it that you have set the WinGate Lan IP in the forward lookup tab of WS DNS server DNS configuration, and not the IP of the ISP's DNS.

DNS of course uses UDP (port 53) for its requests which is why if there was a misconfiguration with DNS then you might see these.

Have you checked to see if there are any other UDP broadcast oriented applications such as time sychronization etc running on the network, or can you see where these UDP connections are originating from

Netbios broadcasts also use UDP (ports 137,138,139) and if your LAN still uses Netbios to identify machine names and resources, then there is a possibility these broadcasts too could show up in Gatekeeper.

Regards
Erwin

[alexr]

Internet access is working completely fine - when there is sufficient connections, that is.

WinGate LAN IP is set for forward lookup on DNS Server.

There isn't supposed to be other UDP apps running, but we have noticed some of our computers accessing printers on their old IP's - even if these printers no longer exist on the actual computer.

We do not use WINS, is it sufficient to block ports 137 through 139 from LAN on WinGate to prevent these from showing up in Gatekeeper and clogging WinGate?