Guest is showing in the WG username field in the history section of wingate. In the www proxy server log, I can only see the guest and not the WG username or username.
How can I get the logs to show the WG username or username?
Thanks!
Ann
WG username
Moderator: Qbik Staff
3 posts
• Page 1 of 1
by MattP » Jan 13 06 9:10 am
Hi Ann,
To see the username in WinGate you must have some form of authentication selected, otherwise WinGate will see everyone as guest.
You have several options for authentication depending on your setup. If you're using the OS database then you can use NTLM authentication. If you run the WinGate Internet Client (WGIC) on the LAN clients then this will pass the NTLM auth details through to WinGate transparently, i.e. the users won't have to do anything and they'll be authenticated.
If you don't want to use the WGIC then you can have them authenticate in the WWW proxy service. IE can be set to use the NT login information to authenticate or they can enter their usernames and passwords.
Alternatively, if you create assumed users (from the other post re: logging) then you can set the authentication level to "user may be assumed", the users will then reflect the machines that they're connecting from.
If you're not using the OS database then you can use Java authentication through the WWW proxy service, this will pop-up a Java login window where the users can enter their username and password to authenticate.
You can also authenticate using the Remote GateKeeper option, where you copy the GateKeeper.exe file to the LAN users' machines and when they want to connect they double click the .exe file and enter their username and password. To do this the Remote Control service must have a binding policy to bind it to the internal adapter.
The last authentication option is Basic, which sends usernames and passwords in plain text and is available through the WWW proxy service.
You can create a policy to require authentication on a system-wide basis, or by individual services. So if you're really only worried about monitoring web (port 80) access you can create a policy in the WWW proxy service, set default rights to are ignored and choose your authentication level. This will allow FTP connections and email (and the other services) to be accessed without authentication but when a web page is opened the users will need to log in.
Sorry this is such a long post, I hope it makes sense.
To see the username in WinGate you must have some form of authentication selected, otherwise WinGate will see everyone as guest.
You have several options for authentication depending on your setup. If you're using the OS database then you can use NTLM authentication. If you run the WinGate Internet Client (WGIC) on the LAN clients then this will pass the NTLM auth details through to WinGate transparently, i.e. the users won't have to do anything and they'll be authenticated.
If you don't want to use the WGIC then you can have them authenticate in the WWW proxy service. IE can be set to use the NT login information to authenticate or they can enter their usernames and passwords.
Alternatively, if you create assumed users (from the other post re: logging) then you can set the authentication level to "user may be assumed", the users will then reflect the machines that they're connecting from.
If you're not using the OS database then you can use Java authentication through the WWW proxy service, this will pop-up a Java login window where the users can enter their username and password to authenticate.
You can also authenticate using the Remote GateKeeper option, where you copy the GateKeeper.exe file to the LAN users' machines and when they want to connect they double click the .exe file and enter their username and password. To do this the Remote Control service must have a binding policy to bind it to the internal adapter.
The last authentication option is Basic, which sends usernames and passwords in plain text and is available through the WWW proxy service.
You can create a policy to require authentication on a system-wide basis, or by individual services. So if you're really only worried about monitoring web (port 80) access you can create a policy in the WWW proxy service, set default rights to are ignored and choose your authentication level. This will allow FTP connections and email (and the other services) to be accessed without authentication but when a web page is opened the users will need to log in.
Sorry this is such a long post, I hope it makes sense.
- MattP
- Qbik Staff
- Posts: 991
- Joined: Sep 08 03 4:30 pm
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 3 guests