Allow web access to IP subnet

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

Allow web access to IP subnet

Postby emars » Mar 16 16 4:54 am

Potential new Wingate users here and have already come up with a question.

I have a similar issue to the one posted here: viewtopic.php?f=12&t=41089

My issue is that I plan to use the proxy server from an iPad and do not have the option to set exceptions.

I have about 600 IP's that I would need to whitelist but these are contained within 5 class b networks. I am ok with allowing access to all of the IP's on all of the networks (they are all internal) just not sure how this would be set up from within Wingate. Because the iPads are not on the domain I prefer need to use the IP's instead of addresses.
emars
 
Posts: 2
Joined: Mar 16 16 4:44 am

Re: Allow web access to IP subnet

Postby adrien » Mar 17 16 5:09 pm

Hi

I read that topic, and I'm a bit rusty on it sorry.

Did you want to allow a large number of client IPs to access anywhere, or did you want to lock down a bunch of destinations that can be accessed by IP range?

Web access rules allow you to specify the source of the request in terms of subnets

For destinations based on IP, the question is then whether the clients are using a proxy or not, since if they don't then WinGate gets the destination IP, but otherwise it needs to look up the IP based on the provided name (in the request) which may not be an IP.

Web access rules specify destination in terms of site (e.g. the authority part of a URL), or category, but not by destination IP.

However flow-chart rules do have access to the Session.ServerIp object which has functions

InRange( start, finish)
InSubnet(Network , Mask)

You'd use it with quotes around the value, e.g.

InSubnet("192.168.0.0", "255.255.255.0")

Is that what you mean?

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5441
Joined: Sep 03 03 2:54 pm
Location: Auckland

Re: Allow web access to IP subnet

Postby emars » Mar 18 16 9:23 am

Thanks Adrien, I was actually able to accomplish what I needed with the pattern matching and using a wildcard. Ultimately what I needed was to whitelist one ip in each subnet, so I created a pattern matching classification with (If Site matches text "10.34.*.129") with that in place I am sucessfully passing my traffic
emars
 
Posts: 2
Joined: Mar 16 16 4:44 am


Return to WinGate

Who is online

Users browsing this forum: No registered users and 27 guests

cron