WinGate Forums

[dop38]

Hi,
Sorry for my english :(

I'm currently evaluating WinGate 6.1.1 (1077)
I'm use NTLM auth + AD user database. Clients -- Windows XP Pro SP2.
WWW-browsing working fine, but other applications can't authorize after IE stop browsing.
For example, while user request html page, he can receive/send email (pop3, smtp) and connect through SOCKS to ICQ server.

After 10 seconds MS Outlook Express 6 can't connect to proxy -- "authentification failed"

WGIC resolve this problem, but it sometime request credentials before user logon into Windows and it conflict with RADMIN application (remote administration utility www.radmin.com)

If user connect to ICQ (or other SOCKS service) server then his authentification never break ...

1) Java auth is disabled :(
2) Assumed by computer name is not acceptable (any user on any computer)
3) Assumed by IP is not acceptable because I'm use dynamic ip's

Thank you ...

[Pascal]

From the sound of it you have your policies set to require authentication. NTLM auth through the web proxy will give you the required security level; but POP3, etc. will not. (Secure vs Unsecure auth)

When you close the browser the user/computer's auth status drops to "Assumed", rather than "Authenticated" and if a subsequent session for the same machine does not use an authentication scheme which will raise the security level it will be denied access.

There are several ways around this; one such is using WGIC but excluding System Applications that do not need to access the Internet. Another alternative is to use the Qbik Auth Tool to authenticate users with WinGate.

[dop38]

Thank you,
But WGIC is not acceptable by several reasons
What is "Qbik Auth Tool" ?
I'm wrote C++ tool that authentificate user, connect to SOCKS and wait for disconnect, then connect again and again and again ... %)

[Pascal]

I'll find a link for you; should be somewhere under our downloads. Another alternative is to use GateKeeper, but that has a larger UI footprint while the auth tool just sits in the clock window.

[Pascal]

Got it; download from here

[dop38]

Got it; download from here

Thank you very much ! :)

[dop38]

Sorry, but i'm found unexpected bug :(
QbikAuth cannot authorize user with password in russsian letters. Just change user password to "english letters + numbers" and all works fine.

Russian keyboard layout is default. And i can't require users to switch layouts every logon to system :(

stupid users :))))

Can you help me ?

[Pascal]

Sure, I'll pass it on to Genie.

[genie]

Sure - will check it now.

[dop38]

Genie,
I'm use link from Pascal, but downloaded file is identical to previous version.
What's wrong ?

[genie]

Hold on, the link there pointed to the old version of the file.

[dop38]

waiting for new version :)

[genie]

Quick question: do you use NTLM-based authenctication?

[dop38]

yes. NTLM only.
Users in domain.
Usernames -- latin letters only
Passwords -- latin, russian letters, digits.
History contains lines with username and clear COMPUTER and WG USER fields :(

[genie]

I ran the tests and it appeared that there is a problem when authentication token is being built with password in Russian - we'll do some additional research on this matter.

[dop38]

thank you.
still waiting ...

[dop38]

And what ?
This problem is unresolveable ?
I need to search other application for proxy ?