what are the requirements to install wingate?
do i need 2 nic?
what os should i have, winxp? or server based?
wingate requirement
Moderator: Qbik Staff
18 posts
• Page 1 of 1
by genie » Dec 06 04 5:29 pm
It depends on what you are going to use Wingate for. 2 NICs are required if you need to route between them - say, you have a DSL router (1 NIC - external) and the second NIC for LAN - that's where your clients will be located. You can use just 1 NIC and a modem or just 1 modem - to use Wingate as a VPN client. In short - the actual requirements in terms of connectivty points depend on your use of Wingate.
Wingate supports OSs from 95 upwards.
Wingate supports OSs from 95 upwards.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
by sosibor » Dec 08 04 4:51 pm
will the below config work?
- install wingate on a nt server with only one nic
- nt server ip is 10.0.0.2, subnet 255.255.255.0, default gw 10.0.0.1
- all other workstation ip are 10.0.0.100 to 10.0.0.200
- all subnet mask is 255.255.255.0
- all workstations default gateway is 10.0.0.2
- there is a router that route traffic to internet 10.0.0.1
i know i can point all workstation to my router for internet access, but i want to do an authentication for users before they access to internet.
will wingate able to work in this manner and configure to do authentication?
Please advise, many thanks
- install wingate on a nt server with only one nic
- nt server ip is 10.0.0.2, subnet 255.255.255.0, default gw 10.0.0.1
- all other workstation ip are 10.0.0.100 to 10.0.0.200
- all subnet mask is 255.255.255.0
- all workstations default gateway is 10.0.0.2
- there is a router that route traffic to internet 10.0.0.1
i know i can point all workstation to my router for internet access, but i want to do an authentication for users before they access to internet.
will wingate able to work in this manner and configure to do authentication?
Please advise, many thanks
- sosibor
- Posts: 9
- Joined: Dec 06 04 4:33 pm
by Pascal » Dec 08 04 5:22 pm
If you want to NAT (Default gateway route) you need two interfaces. Otherwise, WinGate can't determine what the interface is - Internal vs External / Private vs Public ? So, your local machines connecting through the WinGate machines will be firewalled, etc.
Your setup can work, but then you need to use Proxy configuration or the WinGate Internet Client.
WinGate is available on a 30 day trial - so that gives you the opportunity to install it and see how it will work in your scenario.
Your setup can work, but then you need to use Proxy configuration or the WinGate Internet Client.
WinGate is available on a 30 day trial - so that gives you the opportunity to install it and see how it will work in your scenario.
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by sosibor » Dec 08 04 7:54 pm
what if i don't want to use Proxy configuration nor WinGate Internet Client?
i don't want to do any client side installation nor configuration
everything will be set on my dhcp server
will it be better if i install another nic?
all workstation on 172.100.100.x network
nic1 is 172.100.100.1
nic2 is 10.0.0.2 and connect to Router (10.0.0.1)
next is how can i setup the authentication part?
want each workstation to key in a password or id or both before can gain access to internet web, pop3 & smtp
possible?
i don't want to do any client side installation nor configuration
everything will be set on my dhcp server
will it be better if i install another nic?
all workstation on 172.100.100.x network
nic1 is 172.100.100.1
nic2 is 10.0.0.2 and connect to Router (10.0.0.1)
next is how can i setup the authentication part?
want each workstation to key in a password or id or both before can gain access to internet web, pop3 & smtp
possible?
- sosibor
- Posts: 9
- Joined: Dec 06 04 4:33 pm
by Pascal » Dec 08 04 9:17 pm
Possible and a lot better. The dual NIC configuration is significantly better. Authentication depends on how your users 'use' their computers.
Personally, I think NTLM is the best and easiest choice. It's supported through the browser, etc. and is reasonably transparent. Your login to the OS then effectively becomes your login to the Internet as well.
http://www.wingate.com/download.php
You can download the WinGate helpfile there to read more about different authentication methods, etc.
Personally, I think NTLM is the best and easiest choice. It's supported through the browser, etc. and is reasonably transparent. Your login to the OS then effectively becomes your login to the Internet as well.
http://www.wingate.com/download.php
You can download the WinGate helpfile there to read more about different authentication methods, etc.
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by sosibor » Dec 09 04 4:03 pm
i'd downloaded and install wingate6 onto a xphome machine with 2 nic
i also did an enable ip route in registry.
from 172.100.100.3 i cannot ping to 10.0.0.1 but i can ping to 10.0.0.2 and 172.100.100.1
did i missed out some setting in wingate or others?
please advise
i also did an enable ip route in registry.
from 172.100.100.3 i cannot ping to 10.0.0.1 but i can ping to 10.0.0.2 and 172.100.100.1
did i missed out some setting in wingate or others?
please advise
- sosibor
- Posts: 9
- Joined: Dec 06 04 4:33 pm
by Pascal » Dec 09 04 4:10 pm
Can you ping anything beyond your router? (Outside of the internet)
Can you ping the router from the WinGate Server?
Is your router normally pingable?
Have you double checked the adapter useage in WinGate? Make sure that the NIC connected to your router is marked as "External" and the NIC connected to your LAN is marked as "Internal".
Then, what type (Make and Model - if possible chipset) of network card do you have? Are any of them based on the Realtek 8029 chipset?
Can you ping the router from the WinGate Server?
Is your router normally pingable?
Have you double checked the adapter useage in WinGate? Make sure that the NIC connected to your router is marked as "External" and the NIC connected to your LAN is marked as "Internal".
Then, what type (Make and Model - if possible chipset) of network card do you have? Are any of them based on the Realtek 8029 chipset?
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by ITB » Dec 09 04 9:37 pm
sosibor wrote:...
next is how can i setup the authentication part?
...
Just some info:
If you are using Win2k3 DHCP server authentication won't work :(.
You have to use Wingate DHCP server for authentication to work.
Info is posted here:
http://forums.qbik.com/viewtopic.php?t= ... entication
Hope Wingate will do something about this...
I've been told there's a life outside the internet, but I can't seem to find the download file :(
- ITB
- Posts: 16
- Joined: Feb 05 04 9:10 pm
by Pascal » Dec 09 04 9:40 pm
Slight correction on that statement. Authentication will work. The only thing that will not work is username assumption by machine; rather than by IP. This has been the case since the first release of Wingate to include DHCP - for it to assume that it has to actually serve the information to the client. (So it knows everything about the client)
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
by Pascal » Dec 10 04 2:40 pm
Depends on how you want to authenticate. There's a distinct difference between the two concepts here. So, to hopefully explain things clearly:
Authentication is when the server and the client exchanges some form of knowledge about the identity of the user and provides a means of validating that that knowledge is correct.
In WinGate, assumptions mean that the WinGate server assumes the user is somebody by identifying where the connection is coming from. An assumption is not as strong as authentication (Because it could be anyone using that computer)
So - if you are using NAT on it's own you are limited in what you can do. As this is essentially a stream of traffic going through the WinGate Server you can basically only use assumptions as there is no way to know what higher level protocol is in operation. (And thus inject a form of authentication into the stream)
With proxies, WinGate knows and understands the higher level protocol. It is then able to provide authentication mechanisms for the user. The same with using the WinGate Internet Client - because it must make a WRP connection to the server first, they can exchange authentication information.
If you are using NAT however, you can enable Intercepts. (On the sessions page of the WWW Proxy Server in WinGate 6). Once you do that, all NAT traffic on the specified ports (Usually port 80) will be redirected through the proxy - allowing you to authenticate it.
Authentication is when the server and the client exchanges some form of knowledge about the identity of the user and provides a means of validating that that knowledge is correct.
In WinGate, assumptions mean that the WinGate server assumes the user is somebody by identifying where the connection is coming from. An assumption is not as strong as authentication (Because it could be anyone using that computer)
So - if you are using NAT on it's own you are limited in what you can do. As this is essentially a stream of traffic going through the WinGate Server you can basically only use assumptions as there is no way to know what higher level protocol is in operation. (And thus inject a form of authentication into the stream)
With proxies, WinGate knows and understands the higher level protocol. It is then able to provide authentication mechanisms for the user. The same with using the WinGate Internet Client - because it must make a WRP connection to the server first, they can exchange authentication information.
If you are using NAT however, you can enable Intercepts. (On the sessions page of the WWW Proxy Server in WinGate 6). Once you do that, all NAT traffic on the specified ports (Usually port 80) will be redirected through the proxy - allowing you to authenticate it.
- Pascal
- Qbik Staff
- Posts: 2623
- Joined: Sep 08 03 8:19 pm
- Location: Auckland, New Zealand
18 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 2 guests