Hi Folks,
I am trying to create a Ban List to prevent visits to web sites such as espn.com but when I surf on the workstation computers, I still can get access.
Any Ideas?
Thanks in advance,
Dave
Ban List Problems
Moderator: Qbik Staff
6 posts
• Page 1 of 1
Ban List Problems
by Dave Keller » Nov 02 04 10:39 pm
- Dave Keller
- Posts: 4
- Joined: Nov 02 04 10:34 pm
by Pascal » Nov 02 04 11:01 pm
Few tips here. Make sure that your traffic is actually going through the appropriate proxy. If you are currently using NAT, the fastest way to do this would be to switch on Intercepts.
Secondly, when using HTTP URL the "contains" verb is the best one to use. (Gives you a better chance of getting the entirety of the site)
Secondly, when using HTTP URL the "contains" verb is the best one to use. (Gives you a better chance of getting the entirety of the site)
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by Dave Keller » Nov 02 04 11:26 pm
Thanks Pascal,
I am a little brain dead when it comes to this stuff but I have tried the following:
Set up a ban list within the www proxy settings in WinGate
Set Windows Internet to forced local proxy address (127.0.0.1 port 80)
Used the "contains" verb
Still can't access sites from the workstations. What did you mean exactly by "switch on Intercepts" ???
Thanks very much for your help.
I am a little brain dead when it comes to this stuff but I have tried the following:
Set up a ban list within the www proxy settings in WinGate
Set Windows Internet to forced local proxy address (127.0.0.1 port 80)
Used the "contains" verb
Still can't access sites from the workstations. What did you mean exactly by "switch on Intercepts" ???
Thanks very much for your help.
- Dave Keller
- Posts: 4
- Joined: Nov 02 04 10:34 pm
by Pascal » Nov 02 04 11:34 pm
Okay, which machine did you configure to use the proxy? The WinGate Server or your client computers?
You should set that on your clients.
Now, more detailed. When connecting a client computer through / to WinGate, you have three options. Each has their relevant pros and cons, but they are generally fairly well balanced. You can find a lot more info on this in the Help File, but will give you a basic rundown here.
First, NAT. This is Network Address Translation. Your clients, all on a private subnet, connect out through their Default Gateway, the WinGate Server. This is the easiest one to setup, because all that is required is for you to modify the TCP/IP properties of the client computer (In your "Local Area Connection", etc.") to point their default gateway (And normally DNS) to the Internal IP address of the WinGate Server. This is the closest you'll come to 'raw' data travelling out to the internet.
Intercepts is a feature that allows you to redirect such NAT traffic through the appropriate proxies (Like the WWW Proxy) so that WinGate can inspect it according to the proxies rules, run data scanning plugins on it, etc.
Second, WinGate Internet Client. The WinGate Internet Client involves installing a LSP (Layered Service Provider) on the Client computers. WGIC is quite good, and with 6.x it has become even better, as you can control and restrict which Internet Enabled applications your users are allowed to run. The clients discover the WinGate Server through GDP broadcasts and communicate directly with the WinGate Server.
Intercepts applies to this as well.
Thirdly, Direct Proxy. This is the most involved setup because you need to configure each application individually to ensure that it will proxy through WinGate. For most users, this is your email client and your browser, so it should be relatively easy. This involves pointing the appropriate application to the WinGate Server's internal IP (As in previous instructions).
You should set that on your clients.
Now, more detailed. When connecting a client computer through / to WinGate, you have three options. Each has their relevant pros and cons, but they are generally fairly well balanced. You can find a lot more info on this in the Help File, but will give you a basic rundown here.
First, NAT. This is Network Address Translation. Your clients, all on a private subnet, connect out through their Default Gateway, the WinGate Server. This is the easiest one to setup, because all that is required is for you to modify the TCP/IP properties of the client computer (In your "Local Area Connection", etc.") to point their default gateway (And normally DNS) to the Internal IP address of the WinGate Server. This is the closest you'll come to 'raw' data travelling out to the internet.
Intercepts is a feature that allows you to redirect such NAT traffic through the appropriate proxies (Like the WWW Proxy) so that WinGate can inspect it according to the proxies rules, run data scanning plugins on it, etc.
Second, WinGate Internet Client. The WinGate Internet Client involves installing a LSP (Layered Service Provider) on the Client computers. WGIC is quite good, and with 6.x it has become even better, as you can control and restrict which Internet Enabled applications your users are allowed to run. The clients discover the WinGate Server through GDP broadcasts and communicate directly with the WinGate Server.
Intercepts applies to this as well.
Thirdly, Direct Proxy. This is the most involved setup because you need to configure each application individually to ensure that it will proxy through WinGate. For most users, this is your email client and your browser, so it should be relatively easy. This involves pointing the appropriate application to the WinGate Server's internal IP (As in previous instructions).
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by Dave Keller » Nov 03 04 12:17 am
Thanks Pascal,
I am up and running with select websites being blocked successfully!
My next task is to set up an internal email system that will capture our individual employee email from the net and forward to their work client computers. Do you have a for dummy's page to assist in setup of this?
Thanks again for the help,
Dave
I am up and running with select websites being blocked successfully!
My next task is to set up an internal email system that will capture our individual employee email from the net and forward to their work client computers. Do you have a for dummy's page to assist in setup of this?
Thanks again for the help,
Dave
- Dave Keller
- Posts: 4
- Joined: Nov 02 04 10:34 pm
6 posts
• Page 1 of 1
Who is online
Users browsing this forum: Bing [Bot], Google [Bot] and 13 guests