WinGate Forums

[Patrick Lichtner]

Dear Sir or Madam,

we have got a problem regarding the Emailguard of AntiVir antivirus. The internal communication within the application AntiVir is TCP/IP based. The Ports needed by AntiVir are:
40250 : Port des AntiVir Mail Guard
45427 : AntiVir MailSecurity Service
18350 : Default Port fuer den AntiVir Guard
We tried to add these Port via the extended networking tab.
(http://forums.qbik.com/viewtopic.php?t= ... light=port)
First question: Which Option is needed here (there three possibilities to choose:
- Connections from the Internet
- LAN connections to WinGate PC
- LAN connections to Internet
We think it is LAN connections to WinGate PC, right?
Perhaps you do have other suggestions or a workaround regarding this issue?!

Another question:
Is it possible to export the whole configuration of wingate with e.g. a global config file? How could i export the configuration and import it on antoher wingate system?

Thank you in advance for your feedback.

Greetings,
Patrick Lichtner
mailto:plichtner@antivir.de

[Pascal]

Depends on where the communication needs to go. From the sound of it - it is going from your local (client) computer to the WinGate Server, is that correct?

The port ranges are:

Connections from the Internet -> Incoming to your network / WinGate Server from the internet

LAN connections to the WinGate PC -> Connections from a client to the WinGate Server itself (Not going outside of your network)

LAN connections to the Internet -> Connections from a client to the Internet (Going outside your network)

However, in normal cases - when you are only connecting to an internal machine (LAN -> WinGate PC, for example) you do not need to open a port range. Do you see any firewall hits when you attempt this connection?

Secondly, if you want to export / import the WinGate config - the easiest option is to export the registry for it. You can do this in GateKeeper, under "Options" -> "Advanced". There is a button "Save Registry Settings" which exports your configuration for you.

[Patrick Lichtner]

Dear Pascal,

thank you for your feedback.

>>
Depends on where the communication needs to go. From the sound of it - it is going from your local (client) computer to the WinGate Server, is that correct?
>>
Well, the antivirus communicates locally via TCP/IP.
So there is a wingate network. On the one hand the antivirus in installed on each client on this network and on the other hand the antivirus is also installed on the wingate server system. NOTE: The communication is local on each system and the ports mentioned above are needed by teh application part, like the on-access scanner, the on-demand scanner and the emailguard. Second NOTE: Now it is "only" the emailguard that still causes the problems.

>>
The port ranges are:
Connections from the Internet -> Incoming to your network / WinGate Server from the internet

LAN connections to the WinGate PC -> Connections from a client to the WinGate Server itself (Not going outside of your network)

LAN connections to the Internet -> Connections from a client to the Internet (Going outside your network)
>>
THX. So which one shopuld i choose?


>>
Secondly, if you want to export / import the WinGate config - the easiest option is to export the registry for it. You can do this in GateKeeper, under "Options" -> "Advanced". There is a button "Save Registry Settings" which exports your configuration for you.
>>
Thank you for that hint and thank yo in advance for your feedback again.

Many Greetings,
Patrick Lichtner

[Pascal]

LAN connections to the WinGate PC -> Connections from a client to the WinGate Server itself (Not going outside of your network)

However, in normal cases - when you are only connecting to an internal machine (LAN -> WinGate PC, for example) you do not need to open a port range. Do you see any firewall hits when you attempt this connection?

I'd pick LAN connections to the WinGate PC. However, if you are seeing firewall hits (And that's why you're opening the ports) it is likely that your adapters are configured wrong (In GateKeeper, on the Network tab), etc.

[Patrick Lichtner]

Dear Pascal,

thank you for your feedback.

>>
I'd pick LAN connections to the WinGate PC.
>>
Ok, we'll try.

>>
However, if you are seeing firewall hits (And that's why you're opening the ports) it is likely that your adapters are configured wrong (In GateKeeper, on the Network tab), etc.
>>
Sorry i did not mention in last email: Of course i see firewall hits. Like i told you it is a TCP/IP communication.
Although te communication is local the local firewall alerts the communication, of course.
So we will check the adapters again. Thank you so long.

Greetings
Patrick Lichtner

[Pascal]

Ok. Just seemed odd, is all. I believe the default action for the "LAN -> WinGate PC" is allow; which made it seem odd. Should probably have checked that with you first.

[Patrick Lichtner]

Dear Sir or Madam,

regarding the port problems could you please tell me if it is possible to open ports on Wingate if ens is not installed? (Gatekeeper->System->Extended Networking->Extended Network Dirver is not installed) or is there another way thow to configure wingate to open the needed ports for our antivirus?

Thank you very much in advance for your feedback!

Greets,
Patrick Lichtner

[Pascal]

Ok. Now I am very confused. Earlier you said: "Of course i see firewall hits". Is that in another firewall product on the same machine?

If you have WinGate's Extended Networking Services disabled (Including the firewall) and you are connecting to the central server on the WinGate machine - nothing in WinGate can be blocking you.

If you have another firewall product installed (Or OS level) that could be blocking you?

[Patrick Lichtner]

Dear Pascal,

thank you for your answer.

>>
Ok. Now I am very confused.
>>
Sorry about that.

>>
Earlier you said: "Of course i see firewall hits". Is that in another firewall product on the same machine?
>>
Sorry but this was a misunderstanding. I thought you mean if there qould be a firewall. There is none so i don't see the hits but i would if i had one. Sorry. Theres no other firewall on this machine.

>>
If you have WinGate's Extended Networking Services disabled (Including the firewall) and you are connecting to the central server on the WinGate machine - nothing in WinGate can be blocking you.
>>
Sorry do you mean the Networking Services installed but disabled or not installed at all?
I think there is a way to disable the installed Network Services (if they are installed :) )?

No there's no other Firewall aktive on this System.

Thank you!

[Pascal]

Sorry do you mean the Networking Services installed but disabled or not installed at all?
I think there is a way to disable the installed Network Services (if they are installed :) )?

Yes, you untick the "Use Extended Networking Services" tickbox on the main page. But, if yours says "Not installed" then it should not be a problem.

Is it possible for you to take a screenshot of the ENS general tab for me, please. Then, write a short note that explains how the computers connect to each other and where what software is installed and what the IP addresses are.

E.g.

WinGate Server (Int: 192.168.0.1, Ext: xxx.xxx.xxx.xx).
Runs AntiVirus Server listening on port 20100.

Client PC (Int: 192.168.0.2)
Runs AntiVirus Client which tries to connect to WG Server.
Has ZoneAlarm installed
Default gateway and DNS is set to WG Server

Client PC#2 (Int: 192.168.0.3)
Runs AntiVirus Client which tries to connect to WG Server.
Uses WinGate Internet Client, with DNS set to WG Server

etc. That will give me an idea of what your setup looks like. Then email me the screenshot, please (Email address is listed in my profile).