WinGate Forums

[trace]

I understand perfectily ! and i delete the macs and let only one and i make another filter with one cliend mac criterion and it's working ! but last night i only try with one mac for cople of times and nothing ! hmm maybe i has to tired :) anyway thx again !

[trace]

one little question ! :) how do i ban an adrres or one website only for one usser ?

[Pascal]

That gets a little bit more complicated. The same principle applies, but you now need to setup a new policy for that user specifically. There you can use the advanced filters and criterion as described before to deny access to that user to that site.

[trace]

Hi Pascal ! off ! i make 16 filters with only one client mac per filter and wingate bans again the clients ! :(

[trace]

i don't know what to do anymore ! :( sometime is working sometime not !but when si starts to ban de clients there is no tourning back i have to set it normal and then set the restriction again

[Pascal]

When it gets into an abnormal state, save and send me the registry. It will likely be a configuration problem, so we'll just need to nut through it and work out where the problems are.

[trace]

ok i whait now and i save when is the moment and send it to u ! today one of my clients change the pc with another and the restriction don't let him to connect from that pc to the internet , ok that's good but when he put his computer back wingate still don't let him to connec because she remember the other mac ! and i have to put the mac adress of that computer to work ! lol is verry hard for me to explain in english i hope u understand,if not tell me and i try harder !

[Pascal]

I'm not quite following the mac remembering bit.

[trace]

what i'm saying is if i am a client and i change my network addpter 1 with an network addapter 2 and then i put back the network addapter 1 and wingate remembers the mac for network addpter 2 but in the pc is network addpther 1 !

[Pascal]

The MAC is determined from the machine. This can happen in a case where the machine's not had a chance to timeout yet. (30 seconds since last activity ceased)

[trace]

Hi pascal ! i send you an email with the registry file !

[trace]

Pascal u got the mail ? :D

[trace]

Pascal i discover what's the problem with wingate ! if i'm an client "x" and my ip is 192.168.1.2 with mac adress 00-01 and another client when my pc is of enters the network with my ip 192.168.1.2 and mac 00-02 ; wingate remebers his netbios name and mac and when i'm entering the network in wingate i apear with his name and his mac aand then ofcourse wingate bans me for incorect mac !

[Pascal]

Pascal u got the mail ? :D

Yes, but I was sleeping at that time. It happens to be very very early morning here :)

[Pascal]

; wingate remebers his netbios name and mac and when i'm entering the network in wingate i apear with his name and his mac aand then ofcourse wingate bans me for incorect mac !

You can solve that easily. Simply add an additional criterion to the filter to include the IP address. Remember, criterion are ANDed together. But it sounds like you might need to use DHCP so you do not have duplicate IPs on your network. That is generally a very bad thing.

[trace]

from some reason i can't set the clients to obtain ip automatically ! u say to set per 1 filter 2 criterions ? 1 client mac and 2 ip adress ?

[Pascal]

Correct. So it would read (In normal English)

Code: Select all

If in (Filter1 the client has a MAC-address of 00-00-00-00-00-01 and the client has an IP-address of 192.168.1.2)
OR if in (Filter2 the client has a MAC-address of 00-00-00-00-00-02 and the client has an IP-address of 192.168.1.3)
then grant access.

[trace]

Pascal the problem is the wingate remembers the inlegal usser and now one of my client apears with another name and another mac in wingate ?

[ChrisH]

This thread has a familar ring to it. I've seen this before in an earlier version of WG and it was brought to this forum here. So it is not a new problem. But in certain circumstances, such as the one trace is encountering with assumed users, it would be helpful if WG code could be adjusted so this doesn't occur and filtering could be applied correctly.

[Pascal]

Accodring to the source code, a machine has a certain 'stay-alive' time in which it's details are remembered. This is to prevent the rapid allocation / de-allocation of objects which can happen if you delete the object immediately after it's last session has terminated. (As the user could simply be clicking open into another browser, be busy finishing reading the page, etc.) The MAC is assigned the first time it creates the object (And then subsequently when it needs to be re-created)

I'll have QA check this today and will get back to you.

[Pascal]

Okay, we just went through QA with this scenario. It is as described. We had two machines as clients, with a policy setup to only allow one of the two MACs. We assigned an IP address to each machine with the same NETBIOS name. One at a time, unplugging network cables in each case. (I realise in your case the IPs were assigned by DHCP, Chris, but Trace was not using DHCP.)

So, the first machine which were allowed access could access the internet. We then disconnected it from the network (unplugged the cable) and connected the other one (plugged it back in). The time between this action was perhaps 10 seconds. When we then tried to surf from the second client (Which should have been denied) we were able to.

We then reversed the cables again so the allowed client was on the network. Waited for the timeout period and tried to access the internet. We were allowed through as expected. Reversed the cables again so the disallowed client was on the network. This time, we gave it 30 seconds after the last session had terminated. In this instance, the machine had disappeared from GateKeeper so when we then tried to access the internet we were blocked. As expected.

The question now is - when you have somebody trying to illegally access your network using an IP address which you have assigned to one of your clients - how long is the time frame between when the legitimate client drops off (No more sessions) and when the illegal one comes on?

[trace]

Pascal one of my client has a diferent name and mac in wingate over a week but i set to default wingate and let everybody to connect :P

[Pascal]

Sorry, say that again please.

[trace]

i said one of my clients has a diferent mac adress and name in wingate from last week ! :)

[Pascal]

So they changed their network card last week or this week? And what was the time difference between when the last session connected with the old MAC and the first session came in with the new MAC?

[trace]

Pascal last week i have a conflic ip and that client apears in wingate with another mac and name now :) and wingate bans him :) because he have ip and mac from that inlegal client who is trying to connect :) and i don't know how to set iti right again :)

[Pascal]

Pascal last week i have a conflic ip and that client apears in wingate with another mac and name now :) and wingate bans him :) because he have ip and mac from that inlegal client who is trying to connect :) and i don't know how to set iti right again :)

Sorry, I'm very dense today. Slowly, please.

Last week:
MAC: 00-00-00-00-00-01
IP: 192.168.0.x
Should connect: No, IP was in conflict with another user
WinGate Blocks: Yes

This week:
MAC: 00-00-00-00-00-02
IP: 192.168.0.y
Should connect: No, but this matches a legal user
WinGate Blocks: Yes

Is that roughly correct?

[trace]

corect !

[Pascal]

Can you email me an example with the exact numbers, so I can try and work it out, please.

[trace]

The real problem is i wanna connect 2 networks togeder and i can't do that if someone can steel my bandwidth so i test the wingate with u tould me to do ! but for example if i'm a legal usser in wingate and i wanna connect the laptop another pc or a laptop to copy something on the network! if i do that when i put my cable back to my pc wingate se the mac and the name to the laptop not my pc anymore :) (sorry my english :) ) so pls tell my one way to connect my network with another without problems pls !