Hi.
Running Wingate 4.5.2 on Windows NT 4.0 SP6. I am not using NT User authentication or the wingate client on each workstation. I have the Extended Network Driver enabled and General Purpose Interenet Sharing enabled.
Each user workstation behind Wingate has their web browser to Automatically Detect Settings, which causes them to use NAT rather than the www proxy service.
I have a ban list of banned urls set up for everyone. However, the list seems to be ignored when users are using NAT instead of the www proxy. This is under system policies. If I set up a ban list in the policy for Extended Networking, this is ignored also.
Can anybody help with this?
Thank you
Scott Schaffer
Wingate System Policies and NAT
Moderator: Qbik Staff
6 posts
• Page 1 of 1
Wingate System Policies and NAT
by owzw » Nov 27 03 11:13 am
- owzw
- Posts: 7
- Joined: Nov 27 03 10:59 am
Re: Wingate System Policies and NAT
by tim » Nov 27 03 12:09 pm
owzw wrote:Hi.
Running Wingate 4.5.2 on Windows NT 4.0 SP6. I am not using NT User authentication or the wingate client on each workstation. I have the Extended Network Driver enabled and General Purpose Interenet Sharing enabled.
Each user workstation behind Wingate has their web browser to Automatically Detect Settings, which causes them to use NAT rather than the www proxy service.
I have a ban list of banned urls set up for everyone. However, the list seems to be ignored when users are using NAT instead of the www proxy. This is under system policies. If I set up a ban list in the policy for Extended Networking, this is ignored also.
Hi, Either disable the General Internet Sharing, or turn on Transparant Redirection in the WWW proxy. This will pipe NAT level requests up to the proxy, so it will use your rules.
Tim
Tim Warren
http://www.foto-direct.com
http://www.foto-direct.com
- tim
- Senior Member
- Posts: 109
- Joined: Sep 03 03 2:53 pm
by owzw » Nov 30 03 6:12 am
OK, I have checked off that option. So far, I have been unable to get the ban list working. Users are still able to access addresses on the banned list.
Is my understanding correct that selecting this option causes a browser on a workstation, that is not configured to use the proxy service, to be redirected thru the www proxy service? The help states that for this to work you must use a standard port for the proxy. What is standard? Currently, it uses port 8080.
Also where do I set the restrictions up, in system policies, under www proxy policies or under ENS policies?
Last, what should I set the default system rights for the www proxy and ENS services to: are ignored, may be used or must be granted?
Thanks for your help
Scott Schaffer
Is my understanding correct that selecting this option causes a browser on a workstation, that is not configured to use the proxy service, to be redirected thru the www proxy service? The help states that for this to work you must use a standard port for the proxy. What is standard? Currently, it uses port 8080.
Also where do I set the restrictions up, in system policies, under www proxy policies or under ENS policies?
Last, what should I set the default system rights for the www proxy and ENS services to: are ignored, may be used or must be granted?
Thanks for your help
Scott Schaffer
- owzw
- Posts: 7
- Joined: Nov 27 03 10:59 am
by adrien » Dec 03 03 7:15 pm
Standard port is 80. Transparent redirection currently only works on the same port as the proxy, so if the proxy is on port 8080, then only web connections that went to port 8080 (about 0.0005%) would be intercepted.
You will need to run the web proxy on port 80 for this to be effective.
Did you already have a web server running on port 80 - is that why the proxy was set to the different port?
Adrien
You will need to run the web proxy on port 80 for this to be effective.
Did you already have a web server running on port 80 - is that why the proxy was set to the different port?
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
by johnlow » Jan 13 04 12:57 am
I have a question which relates to this point on transparent redirection and the standard port.
You replied "Transparent redirection currently only works on the same port as the proxy......"
I have my clients and the WWW Proxy set to use the a non-standard port 1180 . Clients mostly use WGIC. I have enabled transparent re-direction as I wish to set up policies only in the WWW proxy. Is my thinking correct and is TR working for all clients?
Would you advise me to change the proxy to port 80?
Thanks
You replied "Transparent redirection currently only works on the same port as the proxy......"
I have my clients and the WWW Proxy set to use the a non-standard port 1180 . Clients mostly use WGIC. I have enabled transparent re-direction as I wish to set up policies only in the WWW proxy. Is my thinking correct and is TR working for all clients?
Would you advise me to change the proxy to port 80?
Thanks
- johnlow
- Posts: 3
- Joined: Dec 18 03 5:58 am
6 posts
• Page 1 of 1
Who is online
Users browsing this forum: Bing [Bot] and 2 guests