The setup :
- Win2000 Server with two NIC's (external : Dynamic, local : fixed)
- Wingate DHCP active
- ENS active
- NAT active
- router inactive
- time rules apply for clients (not Wingate-client)
When client is allowed to access Internet (time-schedule)
- all activity is seen in Wingate
- some (Games) shown as NAT-translation
When client is NOT allowed to access Internet (time-schedule)
- HTTP, FTP and so on doesn't work (that's ok)
- games (which normally use NAT) are still possible and are NOT visible in Wingate, therfore bypassing Wingate !
When ENS or NAT is DISABLED and client is NOT allowed to access Internet (time-schedule)
- HTTP, FTP and so on doesn't work (that's ok)
- games DON'T work (as it should be)
On other words, when enabled, NAT always works independant of any other rule
Another problem are programs running on the Wingate-machine, which access Internet directly through the external NIC, and therefore are bypassing Wingate
Questions
- how can this be avoided ?
- how to make the external-NIC only useable TROUGH wingate ?
Thanks for helping me out !
Please help : NAT Wingate 5.0.2
Moderator: Qbik Staff
4 posts
• Page 1 of 1
Please help : NAT Wingate 5.0.2
by wquatan » May 24 04 4:54 am
- wquatan
- Posts: 8
- Joined: Dec 31 03 4:14 am
by MattP » May 24 04 4:49 pm
Hi,
Where have you set these policies? If you've set them in the proxies then only traffic that goes through these proxies will be regulated. You can set the time policy in the system properties, or you can set policies in the Extended Networking menu.
WinGate does not capture the traffic from the local machine so if you are running applications on the WinGate server they won't be visible to WinGate unless you proxy the connection through the internal IP address.
I hope this helps, let us know if you have any further questions.
Best regards,
Matt
Where have you set these policies? If you've set them in the proxies then only traffic that goes through these proxies will be regulated. You can set the time policy in the system properties, or you can set policies in the Extended Networking menu.
WinGate does not capture the traffic from the local machine so if you are running applications on the WinGate server they won't be visible to WinGate unless you proxy the connection through the internal IP address.
I hope this helps, let us know if you have any further questions.
Best regards,
Matt
- MattP
- Qbik Staff
- Posts: 991
- Joined: Sep 08 03 4:30 pm
by wquatan » May 27 04 3:29 am
Hi,
Thanks for replying !
The policies have been set in Groups. That seems ok except for NAT.
When the policy (time-limitations) are applicable, Wingate is bypassed.
For the second remark, these are applications which doesn't have a proxy-configuration. They find their way out through the external-NIC. No way to block this ?
Thanks
Walter
Thanks for replying !
The policies have been set in Groups. That seems ok except for NAT.
When the policy (time-limitations) are applicable, Wingate is bypassed.
For the second remark, these are applications which doesn't have a proxy-configuration. They find their way out through the external-NIC. No way to block this ?
Thanks
Walter
- wquatan
- Posts: 8
- Joined: Dec 31 03 4:14 am
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 8 guests