WinGate Forums

[Bloue]

Hi, sorry if something has been posted already, show me the link, but i've read this forum tons of time and i never found out so i now ask.
Actually i have 2 questions :

Configuration : 2003 server / Active directory with DHCP and DNS working (nslookup verified) / 2 network cards, a local one, one on the internet / wingate 6.0.3 (scare to have to reconfigure everything if I update 6.0.4 !) with DNCP and DNS services not activated, and in DNS / WINS resolver the addresses of my internal and external DNS.

I pointed the internal/secure and external networks in Wingate.

If I ping any server name (www.toto.com) from a command prompt, internal or external, it is revolved into an IP address.

We use NAT, there are no Wingate clients on machines, it was an hassling stuff to have SQL server working on local machines, so we stopped.

NOW :

1/ In gatekeeper, all my network clients are most of the time represented by their internal IP Address, and SOMETIMES NOT.
2/ All their network connections are represented in IP addresses.

WHY ?

2/ but this is another subject, who is willing to tell me STEP BY STEP (i saw stuff here and there but can't figure out where to begin with, how to configure clients so that they are not "GUEST" in the history, i read it's in winsock redirector, i read it is in Extended networking, i'm messed up.

Thanks for understanding my english, i'm french.
Thanks if any body answers, even with links if somebody already asked the question.
Or tell me to take a ticket, if it's too much of a peculiar problem.

Catrine

[jamesc]

Bonjour Catrine,

Je voudrais courir ceci après mes collègues avant de vous donner une réponse précise. Conseillera demain.

-------------------------------------

Hi Catrine,

I would like to run this past my colleagues before giving you an accurate answer. Will advise tomorrow.

[jamesc]

2/ but this is another subject, who is willing to tell me STEP BY STEP (i saw stuff here and there but can't figure out where to begin with, how to configure clients so that they are not "GUEST" in the history, i read it's in winsock redirector, i read it is in Extended networking, i'm messed up.

Have you set the users to be authenticated?

You may want to turn on intercepts; that is , when using NAT, if a client is trying to connect to port 80 on a remote server, the proxy will catch it and authenticate the user.



Then you would want to add a policy in for everyone to be authenticated.

1/ In gatekeeper, all my network clients are most of the time represented by their internal IP Address, and SOMETIMES NOT.

With the ones that are not, do they have the Windows firewall on?

2/ All their network connections are represented in IP addresses.

Does it have "NAT connection" in front of the IP address?

[Bloue]

Thanks for answering.

SO :

NO, i didn't ask to intercept on port 80
So i did it. I guess i have to restart the service so i'll do it during lunch time.
2/ We disable the xp firewall on all machines as we have network antivirus, and SUS.
3/ yes, it's written NAT : TCP connection to 198.25.sxx.yyy
or UDP connection to blabla

What a mess, hummmmmmmm ?

Catrine

[jamesc]

Hi Bloue,

I have added an image in the post above regarding authentication.

2/ We disable the xp firewall on all machines as we have network antivirus, and SUS.

What AntiVirus program do you run?
What is SUS?

3/ yes, it's written NAT : TCP connection to 198.25.sxx.yyy
or UDP connection to blabla

That is expected for NAT

[Bloue]

hi james

if I do what you tell me to do, intercept port 80, nobody can connect anymore anywhere !
if i do "user must be authenticated" with the same settings as you show, nothing changes, i still only guest logins, no user name and guest in WG Username.

WUS Windows update or system update services
Anti virus : used to be avast, changed to mc afee a week ago. nothing went different in any way during this changes.

i'm sick, sort of, with this wingate stuff ! i can't figure out the way it really works.

Will a lot of problems appear or might appear, if i upgrade to the 0.4 ?

catrine

[jamesc]

Hi Bloue,

Starting from the Beginning. Here is one way you can authenticate your users.

1. What user database are you using for authentication in WinGate? If you require NTLM, then select the appropriate option and synchronisation method.



2. If you are using an operating system database, then select NTLM in WWW Proxy Service. If you are not, select a different method



3. Turn on Intercepts



4. Set everyone to require authentication



5. Verify that IE is passing authentication on as "you" require



Things to note.

a) If you purchase WinGate, you may want to buy off a french reseller, so you can get support in your native language: http://www.wingate.com/resellers.php
b) It is a good idea when you are evaluating / configuring software to set up a test environment, before rolling out to a live environment.
c) When we get this completed, it may be worth us discussing your DNS / Active Directory settings.
d) 6.0.4 has 31 documented changes since 6.0.3. The changes are listed here: http://www.wingate.com/downloads/6.0.3_ ... hanges.txt

[Bloue]

Hi boy
just give up !
everything is set the way you showed me (exept from the obtain list from server \\myserver), as we are in an AD environment.
But everybody is still a guest, and some computers show by ip address and some others by name, and nothing changed.
I looked in the dns server if the stations A names were correct, they are.
Sometimes, it's not worth looking too much for a bad cross in a bad place.
I'll come in the week end, will uninstall and re install 6.4 after i read the papers you gave me the link to.
By the way, i didn't experiment wingate, but it was installed by my boss when i showed up in the society, and he himself does not really know the way it works !!!
catrine