WinGate Forums

[neil]

Qbik are pleased to announce the release of WinGate VPN 1.0.8, which is available for download soon:


This version contains the following updates, fixes, and new features:

1. Better handling for NICs that provide NDIS task offload (TCP checksum calculation) on behalf of the protocol. This has been disabled by the
driver, as it breaks VPN tunnelled packets. Later versions will complete the TCP checksum on behalf of the protocol before packets are tunnelled.

2. Added path MTU checking on packets outbound from the local stack. For VPN this is important, to allow network clients and servers to communicate over the VPN without causing the VPN packets to be fragmented.

3. Fix for SendComplete notification in cases where the pended send completes immediately when presented to NdisSend. Also fixed the
implementation of the completion, which will currently BSOD.

4. Added path MTU checking for NAT sessions.

5. Implemented path MTU handling for VPN tunnel packets. This is necessary to tunnel a VPN tunnel over another one, and flows back through to the OS as well for connections made over such a tunnel.

6. Added the ability to 'black hole' IP's thus offering better protection and a greater level of control in the Firewall.


Regards,

Neil

[wmason]

I installed the 1.0.8 drivers and am getting a Blue Screen halt upon boot.
The halt occurs on the remote client which is running WinXP SP1.

The halt details are:

QBIKHKXP.SYS STOP 0x000000BE (F7309DFA, 066D1921, F78BF398, 0000000A) Address F72C05B2 Base at F&28F0000 Datestamp 3F77FB8B.

When I tried to boot in safe mode (without networking) to remove the driver, the halt still occurred. The QBIKHKXP.SYS driver should NOT be loading in safe mode.

[adrien]

OK

After 3 reboots, the driver will not load. Because of the type of driver it is, the OS still loads it in safe mode. We have looked at ways around that, but it won't hook where it needs to if we move it to where it won't load, and we get no notification that the system is being booted in safe mode in the driver.

As for the bluescreen, if you reboot a couple more times, then they should stop and the driver will unload.

However, this is very bad news, what sort of networking components do you have installed on that machine? meaning network protocols and adapters.

Adrien

[adrien]

It seems we changed one main thing in moving from the earlier beta drivers to the latest 5.0.8 drvier, and that was the way we hook, which would be consistent with the crash you are seeing.

I am picking that this client machine must have some weird protocol installed. I will send you a new driver to test that uses the old method.. sorry for the inconvenience. We have seen no problems with the new or old driver on any of our test machines here

Adrien

[adrien]

Hi

Been doing a bit more digging. Looks like we have found the source of the problem.

We think with releases of XP that include SP1 (rather than an SP1 upgrade), MS decided to turn on memory protection for kernel drivers. Prior to this, the memory protection was turned off by default. When we hook into NDIS, we alter memory in it in installing our thunking layer which intercepts calls to NDIS. This writes to NDIS memory.

Cut a long story short, there is a registry key you can set to turn memory protection back off, and it stops the bluescreen. We can now replicate that bluescreen here if we set the key.

The key is under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Memory Management

It is a value called EnforceWriteProtection. This needs to be set to zero.

Adrien

[adrien]

We have another driver too now that fixes this. We will be re-issueing the 5.0.8 download - we have currently pulled it off the site.

We had some code in the driver that disabled write protection for the chunk of memory it was trying to hook - looks like there was a problem with this, so the new driver disables write protection globally now when it installs its trojans, and then sets it back afterwards if it was on before.

We have tested this, and now the driver will boot regardless of this registry key.

We have also just found a way to tell if the OS is booting in safe mode so we will honour that with the new driver as well.

Adrien

[wmason]

Hello Adrien,

At this point, I feeling somewhat frustrated. You have been very responsive in this forum once QBIK took over the forum from Deerfield, who did not provide any support.

Your product seems to be exactly what I'm looking for, but it seems to be very difficult to get it working in my environment, which I consider to be very straigt forward.

I have to say I went balistic when your driver was causing halts in safe mode, which prevented me from uninstalling it. The advice to boot multiple times (>3) did not seem to work for me. Besides, by the time I saw that message, I had already purchased a retail copy of Windows XP in order to boot from CDROM and run the Windows recovery console to remove your driver. This was caused by the fact that the laptop manufacturer's System Recovery disk only provided the ability to reformat and restore the entire disk. Not an option. The laptop did not come with a separate Windows XP CDROM.

I was able to test the new drivers before rebooting and they did not resolve the "system inaccessible" problem we were addressing in the other thread. I did not get a response from you regarding that problem after reporting with the new drivers.

At this point, the 30 day trial license has expired. While I would be happy to purchase multiple copies of your product, if I could get it to work. However, I'm reluctant to do so given the problems I've had.

[adrien]

Hi

I can understand you would be a bit gun-shy. It is very unusual that the driver would cause any problems after that many reboots.

The driver is loaded by the system depending on what start group it is in. For Win2k it is in the PnP Filter group, and for XP I think it is the same. This means the OS loads it no matter what. What we do is check a setting in the registry before we do anything. It is the setting under the services key qbikhkxp\parameters\bootstatus. When the driver starts, it checks this value, if it is zero, it does nothing more, if it is above zero it decrements the key.

The WinGate engine when it starts sets this key back to 3. So if the OS halts before WinGate starts, which it would be in your case, then the key should get to zero, and the driver should refrain from doing anything. All that is left that it does is check this key.

After reading your posts before, we did some more research to check to see if we can recognise if we are loading in safe mode, and we can, so we have now implemented support for that, and again, though we will load, we should be doing nothing that could cause problems.

If you are prepared to keep working with us, I am happy to give you priority support - issues like these are high on our priority list of things to resolve.

Also if you would like an extension to your trial period we can send you another key.

Adrien

Adrien

[wmason]

Hi Adrien,

Yes, I am willing to continue working with you.

Outstanding items:
1) Updated driver
2) Extend trial license
3) Resolve original "machine inaccessible" problem.

[adrien]

OK, just emailed you about 1, and 2. Hopefully we can get on to 3 next

Adrien

[wmason]

Hello Adrien,

Thanks for the key and updated driver. I installed the updated driver on both the server and laptop and was able to reboot without a problem.

The key you sent was a full Wingate enterprise. It does not appear to include VPN. The control panel no longer includes a VPN tab, nor is there a VPN pane on the network tab. The "Intro to Gatekeeper" help screen shows the control panel with a VPN icon. This icon does not appean on my system tab. What I have been trying to test is the VPN client and server. Am I missing something, or do I need different keys?

[adrien]

ah that is most ironic!

Of course, I forgot to send you a proper VPN key! Will send now.

I am most glad to see you were able to install and reboot without incident! That is a big relief!

Adrien

[divinity]

adrien,

it's been some time since i heard back from you on my earlier thread. pehraps this BSOD problem this gentleman is having is the same one that crashed my machine when i installed the beta you sent me? it sounds like his problem is identical to mine...

[adrien]

Actually the last driver I sent fixed the BSOD.

Also have been working with another user and have found and fixed another problem.

We will be releasing a 5.0.9 soon to address all these issues.

Adrien

[divinity]

any idea how soon 5.0.9 will be out? we upgraded to 5.0.8, before all the bugs became evident, and i'd like to minimize the number of times someone has to upgrade the software, as it's the one administration procedure that requires us to send someone to the actual server site...

[wmason]

Hello Adrien,

Sorry for the delay in gatting back to you regarding the 1.0.8 drivers.

After installing the correct license keys and a couple of minor addressing tweaks, I was able to get connected from the remote machine to the gateway machine and can access shared resources on the server including connecting from a remote application to an SQL Server on that machine.

I will be ordering VPN client licenses for my employees.

Thanks for the great support.

Regards,
Warren

[adrien]

You're welcome!

Adrien