I have Windows Nt 4 Server with RAS server.
Lan Ip 192.0.0.201 - 255.255.255.0
Inet Ip 195.158.4.78 - 255.255.255.194
Ras server IP 192.168.0.1, 192.168.0.x - is given to clients
When wingate engine starts. It shows these interfaces in the interfaces tab of advanced options dialog window.
195.158.4.78 - public yes - trusted no
192.0.0.201 - public no - trusted yes (otherwise ftp from lan is not working)
127.0.0.1 - public no - trusted yes
And there is no 192.168.0.1 interface. As a result ftp for dialup users doesn't work.
IF someone connected and disconnected and i restart wingate engine this interface appears.
How can i Solve this problem?
wingate does not show ras server interface
Moderator: Qbik Staff
8 posts
• Page 1 of 1
wingate does not show ras server interface
by jah » Oct 15 03 8:36 pm
Last edited by jah on Oct 16 03 5:36 pm, edited 1 time in total.
- jah
- Posts: 17
- Joined: Oct 15 03 8:27 pm
by erwin » Oct 16 03 9:53 am
Hi Jah,
Just a quick query.
What is the correct Ip address of the internal LAN Network card?
You have it listed as both 192.0.0.201 and 195.0.0.201.
These are both Public IP addresses which is why WinGate sets the trust to "No" by default.
A solution would be to utilize the privite IP range 192.168.x.x for your internal Network, then WinGate will set it to "Public No -Trusted Yes"
Just a quick query.
What is the correct Ip address of the internal LAN Network card?
You have it listed as both 192.0.0.201 and 195.0.0.201.
These are both Public IP addresses which is why WinGate sets the trust to "No" by default.
A solution would be to utilize the privite IP range 192.168.x.x for your internal Network, then WinGate will set it to "Public No -Trusted Yes"
- erwin
- Qbik Staff
- Posts: 408
- Joined: Sep 03 03 2:54 pm
by jah » Oct 16 03 5:39 pm
ugh sorry that was misspelling correct is 192.0.0.201.
This is internal Lan ip adress.
P.S. I have a lot of computers in my subnetwork so it's difficult to change ip addresses to 192.168.0.x.so once again
===========================================
I have Windows Nt 4 Server with RAS server.
Lan Ip 192.0.0.201 - 255.255.255.0
Inet Ip 195.158.4.78 - 255.255.255.194
Ras server IP 192.168.0.1, 192.168.0.x - is given to clients
When wingate engine starts. It shows these interfaces in the interfaces tab of advanced options dialog window.
195.158.4.78 - public yes - trusted no
192.0.0.201 - public no - trusted yes (otherwise ftp from lan is not working)
127.0.0.1 - public no - trusted yes
And there is no 192.168.0.1 interface. As a result ftp for dialup users doesn't work.
IF someone connected and disconnected and i restart wingate engine this interface appears.
How can i Solve this problem?
This is internal Lan ip adress.
P.S. I have a lot of computers in my subnetwork so it's difficult to change ip addresses to 192.168.0.x.so once again
===========================================
I have Windows Nt 4 Server with RAS server.
Lan Ip 192.0.0.201 - 255.255.255.0
Inet Ip 195.158.4.78 - 255.255.255.194
Ras server IP 192.168.0.1, 192.168.0.x - is given to clients
When wingate engine starts. It shows these interfaces in the interfaces tab of advanced options dialog window.
195.158.4.78 - public yes - trusted no
192.0.0.201 - public no - trusted yes (otherwise ftp from lan is not working)
127.0.0.1 - public no - trusted yes
And there is no 192.168.0.1 interface. As a result ftp for dialup users doesn't work.
IF someone connected and disconnected and i restart wingate engine this interface appears.
How can i Solve this problem?
- jah
- Posts: 17
- Joined: Oct 15 03 8:27 pm
by erwin » Oct 17 03 10:40 am
Hi Jah
After some initial testing in the lab we have come up with a viable solution to your problem.
Your current configuration will be fine, however if you wish to have your RAS clients access FTP thru WinGate what you will need to do is this:
1. In the Bindings Tab of the FTP Proxy Service in WinGate set the radio button to "Allow connection in on any interface".
2. After selecting this, you will be presented with a popup dialog warning that you are attempting to bind to an external interface etc, Select "Yes"
3. You then you will recieve another popup dialog asking if you if you wish to make changes in the Firewall... Select "NO"
By configuring this setting, WinGate will allow all interfaces both Public and private addresses that are configured INSIDE your LAN (For example the Ras Ip address(192.168.x.x) to access the FTP Proxy Service.
It will do this without putting a hole in the Firewall and allowing the risk of external Public IP addresses from the Internet trying use the FTP proxy.
Although this RAS interface IP address will not show up in the Options-Advanced-Interfaces, because it is somewhat dynamic, when FTP is configured as above it will allow use of the IP by the FTP Proxy service.
Hopefully this will help, please let us know how you get on.
Regards
Erwin
After some initial testing in the lab we have come up with a viable solution to your problem.
Your current configuration will be fine, however if you wish to have your RAS clients access FTP thru WinGate what you will need to do is this:
1. In the Bindings Tab of the FTP Proxy Service in WinGate set the radio button to "Allow connection in on any interface".
2. After selecting this, you will be presented with a popup dialog warning that you are attempting to bind to an external interface etc, Select "Yes"
3. You then you will recieve another popup dialog asking if you if you wish to make changes in the Firewall... Select "NO"
By configuring this setting, WinGate will allow all interfaces both Public and private addresses that are configured INSIDE your LAN (For example the Ras Ip address(192.168.x.x) to access the FTP Proxy Service.
It will do this without putting a hole in the Firewall and allowing the risk of external Public IP addresses from the Internet trying use the FTP proxy.
Although this RAS interface IP address will not show up in the Options-Advanced-Interfaces, because it is somewhat dynamic, when FTP is configured as above it will allow use of the IP by the FTP Proxy service.
Hopefully this will help, please let us know how you get on.
Regards
Erwin
- erwin
- Qbik Staff
- Posts: 408
- Joined: Sep 03 03 2:54 pm
well
by jah » Oct 18 03 6:05 pm
hi Erwin
RAS clients use NAT.
That means that i Should enable FTP proxy service?
And RAS clients should connect to FTP server through proxy right?
Well ok. I think it's a good solve of the problem.
I'll try it on monday, when i go to job, and tell you about results.
Thanks a lot.
RAS clients use NAT.
That means that i Should enable FTP proxy service?
And RAS clients should connect to FTP server through proxy right?
Well ok. I think it's a good solve of the problem.
I'll try it on monday, when i go to job, and tell you about results.
Thanks a lot.
- jah
- Posts: 17
- Joined: Oct 15 03 8:27 pm
by adrien » Oct 19 03 12:02 am
The problem with WinGate not finding the RAS dialin interface is more of a problem on later OSes (post NT4). because the interface has not been started when WinGate starts, it does not see it.
We are working on a new method for dynamically binding to interfaces, but that will not be available for some time yet sorry.
In the mean time, there are 2 options to get WinGate to see the interface.
1. wait until after someone is dialed in then restart WinGate... it will see the binding, and allow you to bind services to it, then it doesn't matter whether someone hangs up and dials back in or not.
2. bind your services to any interface.
As for NAT, it needs to know whether an interface is external or internal before it will NAT through it. It is possible depending on your IP address that your RAS server is allocating that it might be seen as external, and so WinGate would not NAT.
Adrien
We are working on a new method for dynamically binding to interfaces, but that will not be available for some time yet sorry.
In the mean time, there are 2 options to get WinGate to see the interface.
1. wait until after someone is dialed in then restart WinGate... it will see the binding, and allow you to bind services to it, then it doesn't matter whether someone hangs up and dials back in or not.
2. bind your services to any interface.
As for NAT, it needs to know whether an interface is external or internal before it will NAT through it. It is possible depending on your IP address that your RAS server is allocating that it might be seen as external, and so WinGate would not NAT.
Adrien
- adrien
- Qbik Staff
- Posts: 5443
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
not working :(
by jah » Oct 22 03 6:01 pm
Erwin your solution is not working coz firewall doesnt allow it. (Ftp is connecting but when it hangs when list command is send to server.)
if firewall is off everything is working. If after sopmeone's dial-in i restart WG engine everything is workin coz it recognizes ras interface as trusted.
I can come to solution (if it is solution) like this myself. I need real solution so that everything would work automatically.
Are there any other solves except turning off firewall or restarting WG manually?
if firewall is off everything is working. If after sopmeone's dial-in i restart WG engine everything is workin coz it recognizes ras interface as trusted.
1. wait until after someone is dialed in then restart WinGate... it will see the binding, and allow you to bind services to it, then it doesn't matter whether someone hangs up and dials back in or not.
I can come to solution (if it is solution) like this myself. I need real solution so that everything would work automatically.
Are there any other solves except turning off firewall or restarting WG manually?
- jah
- Posts: 17
- Joined: Oct 15 03 8:27 pm
8 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 149 guests