WinGate Forums

[drjohn999]

I installed Wingate VPN on another laptop, trial license. This one has Windows Firewall running (the other systems I had installed on used NIS and experienced no problem with it).

The VPN connection works fine IF Windows Firewall is disabled, but then Windows firewall complains and wants to be turned back on. There are two (?) Wingate related entries in the Windows Firewall exception program list, one of which is checked and one not. Both of these entries point to a (different) path in the C:\Documents and Settings\Username\... tree. It looks to me as if the VPN installation somehow tried to set up an exception in Windows Firewall but got it wrong. The installation was run off the internet directly, i.e. the download of the VPN installer went into the user's temp folder and ran from there, and this is where one of the paths for the exception points. So, perhaps there is a problem with installing this way (that's for you to figure out if you want):>

Back to the immediate problem; I have two questions:

1) Is there a way for Windows Firewall to be "aware" of the Wingate firewall instance and thus be set not to "complain" that it (Windows Firewall) is not active? (As NIS will do)

or

2) What are the correct settings for the exception entry (I assume there should be just one) for Wingate VPN? Shouldn't the path be c:\program files\wingate\wingate.exe ? And, are there any additional changes to either the scope of the program exception, for specific ports, or for the network connection? If I would guess, I would open port 809 for incoming UDP packets.

Thanks again for your assistance,

DJ

[genie]

Hi,

Unfortunately, there is no way at the moment to avoid this "unawareness" firewall thing.

As of the exception, the actual path depends on where you installed wingate, but the executable name is wingate.exe as you correctly pointed out. wingate.exe uses port 809 (TCP and UDP) for VPN support and port 808 YCP for Gatekeeper connection. Other ports and protocols depend on Wingate configuration - port 53 UDP, for example, is used for DNS service.

[drjohn999]

A quick follow-up on the XP firewall issue (SP2 security center). The user was unable, by explicitly opening 809 in both directions (presumably both UDP and TCP) and adding the wingate.exe executable to the permission list, to get Wingate VPN to communicate thru the XP firewall. So, at this point after having explained to them that Wingate provides a suitable firewall service anyway, they simply deactivate the XP firewall before connecting to the VPN and they have had no further problems.

But, and I'm being repetative now, it should be possible to work thru the XP firewall and thus avoid XP's irritating warning that "You may not be protected..."

Anyhow, the VPN here is functioning very well with two clients on laptops and a third adding in soon.

- DJ

[Pascal]

With reference to your first post - WinGate will not attempt to modify any Windows Firewall settings.

As to removing the XP nag screen ... not without jumping through several hoops. You should be able to set the Firewall status in Security Center to "Not Monitored" however. That is what I do with my installation here and at home.

As to the ports, 809 TCP and 809 UDP should be all that is required. Just double check what the ports are that are listed on the General Page of the global VPN configuration for WinGate. It might have been changed by the user?