WinGate Forums

[jpderooy]

Hi,

We want to use Wingate VPN to allow employees to connect and work on our server when working at home. This is the situation now:

One (1) Internet Server (gateway). Not part of the network domain, running Wingate. This server is for gateway purposes only.

One (1) Application/file Server. Primary domain, user log on to this server, running Windows 2003.

We want to install VPN on the Internet Server and give the employees access to the application/file server. How can we make this work? Do we have to make the internet server part of the domain, and what settings do we have to make in Wingate VPN?

Any help is welcome!

[genie]

In you case (from Wingate perspective) all you need to do is to create VPN server on your Wingate machine and, if WG is not a default route for the application server) create a route to your application server from Wingate machine and from App server to WG machine (or install RIP client there). Then all users should install Wingate VPN on their remote machines/networks and create VPN joiners to your WG server. The rest of configuration (rights, permissions, etc) depend on the application server functionality.

[jpderooy]

Just ordered Wingate VPN. I'll install it next week and try to configure it as you mentioned. Thanks for your respond, and I'll let you know if it works!

[genie]

No worries. Meanwhile, you can download and install trial Wingates, have them configured and tested - all you need to do when you get your license key is to enter it - no re-installs are necessary.

[jpderooy]

Today I received our VPN key. I used the License Manager to activate the VPN software, this is the correct way to do it right?

After a reboot of the wingate engine, I see the VPN option in the list. If the above steps are ok, how can I setup the Internet Gateway (running wingate and VPN) to accept VPN connections from the internet?

[genie]

You have to allow TCP and UDP traffic on port 809 (by default) to be forwarded to your VPN machine.

[jpderooy]

Hi,

We have an internet gateway and a file server. On this file server I want to grand access to remote users (VPN).

Sorry for the confusion, but do I have to install wingate VPN on the file server and remap the port from wingate (on the internet gateway to the file server (VPN)? Or do I have to install both (wingate and VPN) on the internet gateway?

I hope you can help me out with this!

[genie]

:)) Now I am confused :)
If you already have Wingate server installed then it can serve as a VPN server and all you need to do is to allow your upstream router (if you have any) to pump traffic through port 809 (TCP and UDP) through to you Wingate machine.

[jpderooy]

lol! Here it is what I mean:

Code: Select all

                _____        _____
               |     |      |     |
______         |     |      |     |
|__A__|        |  B  |      |  C  |
               |     |      |     |
               |_____|      |_____|


A) DLS modem (build in firewall)
B) Internet gateway (Windows NT and Wingate Standard
C) File/application server and domain controller (Windows SBS 2003)

I want to grand access from remote users to the File/application server (C). Now Is my question: where do I have to install and configure VPN? Do I have to activate VPN on wingate (on server B), or do I have to install VPN on server C so they have access to the right machine?

I hope this makes thing clear ;)

Thanks!

[genie]

Activate VPN on server B. Allow it to serve the network (Participation is local network) and that's basically it.

[jpderooy]

Ok, now my images from my previous post is ok, look up :)

I'll go and try what you sais. I want to tell you that the internet gateway isn't a member of the domain. Sorry for these questions, but isn;t it possible to install VPN on server C so it's running on the correct machines when users connect? And open VPN port on DSL modem an tunnel VPN port on wingate to server C?


Another (small) question: is there a seperate VPN client I can install for the remote users?

Sorry for my misunderstanding :S

[genie]

Yes, it is definitely possible - all you have to do is to create a relay for ports 809 TCP and UDP in Wingate (server B). Mind you, I'd suggest that you upgrade to the latest version of Wingate if you are not running v6.0.4

[jpderooy]

Great! Quick reply and good answers thanks!

All I want to know is what you would suggest: Your solution (wingate + VPN on one server.) Or install VPN direct on the 'good' server so that the remote users are directly on the good server?

And is there a special VPN client installation for the remote client?

[genie]

Well, the actual setup depends on your requirements. However, if there are no pressing financial issues involved I'd suggest to have it installed separately - then you can avoid giving access to your entire network but rathe rgive access to one particular machine only- besides, in that case all you need is VPN Only license.

On the remote machine you have to have Wingate installed, too - but the users can have VPN only version installed which is cheaper and does not require complex handling and configuration.

[jpderooy]

Great!

This is what I'm going to setup:

- VPN only (installer form the web) on server C
- VPN only (installer form the web) on the remote client.
- Update Wingate to 6.0.4

We have a "WinGate VPN 2.x gateway license for 3 user LAN + 1 yr UP"


Correct? After this I'll try to leave you alone ;)

[genie]

Sounds like a plan. However, you will need new licenses for your new VPN installation and your remote client node.

[jpderooy]

I'll de-activate my current VPN licence (installed on the wingate server) so I have 3 new licenses free. One (1) for the VPN only server installation and one (1) for the remote client (this currently one employee).


This is possible right?

[joseph]

I have a couple of problems:

1. The Wingate monotor does not appear in the task bar.
2. Once manually clicking on winGate monitor also nothing happens.

Do you have an installation guide w/ troubleshooting

I am installing on XP pro service pack2