I'm using wingate 5.0 with Window Server 2003
I use internet thru ADSL (as bridge), Wifi Access Point (as gateway)
ADSL (192.168.1.1)
Access Point (192.168.0.10)
Wingate Server (IP: 192.168.0.12 Gateway: 192.168.0.10)
Client PC using Wingate DHCP (IP range: 192.168.0.50 - 200 G/Way: 192.168.0.12)
Q1: Why my ENS not working?
Q2: If client use gateway 192.168.0.12 (define by Wingate DHCP), filtering is working but if user/client manually change the gateway to 192.168.0.10, they can connet to internet direct, meaning I cannot control them. So, how to block client from using 192.168.0.10 as a gateway?
TQVM
ENS not working & How to Filter Internet Accessiblity
Moderator: Qbik Staff
2 posts
• Page 1 of 1
ENS not working & How to Filter Internet Accessiblity
by zailan » Oct 28 04 5:43 am
- zailan
- Posts: 1
- Joined: Oct 28 04 5:25 am
ENS not working & How to Filter Internet Accessiblity
by MPHinteractive » Oct 28 04 7:50 am
> ADSL (192.168.1.1)
> Access Point (192.168.0.10)
> Wingate Server (IP: 192.168.0.12 Gateway: 192.168.0.10)
> Client PC using Wingate DHCP (IP range: 192.168.0.50 - 200 G/Way: 192.168.0.12)
From your description, it sounds like you only have one network card in your server, assigned to address 192.168.0.12. I am guessing that the server and the clients are both connected directly to the access point, or to a hub/switch that is connected to the access point.
Here's a crude text diagram...
(internet)--DSLmodem--AccessPoint--Hub/Switch==Server&Client PCs
(-- represents a single wire, == represents multiple wires)
If this is the case, it probably answers both questions...
Taking the second question first, your access point acts as a router just like Wingate does except that it does not provide filtering or some of the other advanced controls. Clients that use it as their gateway can simply ignore the Wingate server. If your network is configured as described above, the clients have equal connectivity to the access point as the server does and can bypass Wingate and its filter.
To resolve this issue, you need to put the access point on a separate network connected to a second network card in your server. Then the server becomes a "go between" and no traffic can pass out to the internet unless it goes through the server.
Thus...
(internet)--DSLmodem--AccessPoint--Server--Hub/Switch==Client PCs
I think this probably answers your first question, too. ENS controls and routes traffic between two (or more) network interfaces, one for external internet traffic and one for internal local area network traffic. If you only have one network interface ENS has nothing to control.
Once you add a second network card to your server and connect it directly to your access point, your access point should be isolated from your network so that no PCs can get to it unless they go through the Wingate server and its filter. In ENS you will need to indicate which network card is your exteranl interface (the one connected to the access point) and which is internal (the one connected to the hub/switch and the rest of your LAN). Then ENS can do its thing.
Hope this helps!
Park Hunter
> Access Point (192.168.0.10)
> Wingate Server (IP: 192.168.0.12 Gateway: 192.168.0.10)
> Client PC using Wingate DHCP (IP range: 192.168.0.50 - 200 G/Way: 192.168.0.12)
From your description, it sounds like you only have one network card in your server, assigned to address 192.168.0.12. I am guessing that the server and the clients are both connected directly to the access point, or to a hub/switch that is connected to the access point.
Here's a crude text diagram...
(internet)--DSLmodem--AccessPoint--Hub/Switch==Server&Client PCs
(-- represents a single wire, == represents multiple wires)
If this is the case, it probably answers both questions...
Taking the second question first, your access point acts as a router just like Wingate does except that it does not provide filtering or some of the other advanced controls. Clients that use it as their gateway can simply ignore the Wingate server. If your network is configured as described above, the clients have equal connectivity to the access point as the server does and can bypass Wingate and its filter.
To resolve this issue, you need to put the access point on a separate network connected to a second network card in your server. Then the server becomes a "go between" and no traffic can pass out to the internet unless it goes through the server.
Thus...
(internet)--DSLmodem--AccessPoint--Server--Hub/Switch==Client PCs
I think this probably answers your first question, too. ENS controls and routes traffic between two (or more) network interfaces, one for external internet traffic and one for internal local area network traffic. If you only have one network interface ENS has nothing to control.
Once you add a second network card to your server and connect it directly to your access point, your access point should be isolated from your network so that no PCs can get to it unless they go through the Wingate server and its filter. In ENS you will need to indicate which network card is your exteranl interface (the one connected to the access point) and which is internal (the one connected to the hub/switch and the rest of your LAN). Then ENS can do its thing.
Hope this helps!
Park Hunter
- MPHinteractive
- Posts: 13
- Joined: May 04 04 8:07 am
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 10 guests