Hello,
I have installed trial version of wingate 6.2.0 and I wanted to try transparent redirection but with no success.
I have noticed that there is some problem with firewall but I don't know how to solve.
I have two network adapters,
1st WAN which is connected to the roter which provides internet and is marked as external in wingate
2nd is LAN, marked as internal and shoud provide internet for rest of the clients.
both adapters are on the same netmask but different range
I have tried different settings for this but so far this worked w/o problems
So, I have two questions,
1st, when I enable www proxy w/o transparent redirection on port 80 for ex. it works but when I enable transparent redirection it stops working immediately.
If I put settings for proxy server in browser setup it starts working, but if automatic detection of proxy servers is enabled nothing happens.
I have tried several times, then I try to reinstall wingate, and now, this is something new...
When firewall in wingate is active, I can not ping both network adapters locally not to mention from the network.
When I disable firewall I can ping lan adapters.
Could you please tell me what am I doing wrong and how to make transparent redirection to work.
Wingate 6.2.0 transparent proxy not working!
Moderator: Qbik Staff
2 posts
• Page 1 of 1
Wingate 6.2.0 transparent proxy not working!
by cgoran » Jan 09 07 3:57 am
- cgoran
- Posts: 1
- Joined: Jan 09 07 1:47 am
by adrien » Jan 10 07 4:11 pm
Hi
Couple of things.
1. Automatic proxy detection
This relies on DNS. When a browser is configured for automatic proxy detection, it does a DNS lookup for the name "WPAD". If the client machine is using WinGate as its DNS server, then WinGate will respond to this DNS lookup and send back its own IP. If the client is using another DNS server, then unless that DNS server recognises the request for "WPAD", proxy auto detection won't work.
So if WinGate is the client's DNS server, the client resolves "WPAD" to winGate's IP, then connects to WinGate on port 80, and requests a file called "/WPAD.DAT". If WinGate's WWW proxy is running on port 80, then it will get this request, and if enabled (there's a setting) then it will send back a proxy auto config file. If the WWW proxy is running on another port (i.e. if you are running another WWW server on port 80 on that machine), then this will fail.
So the checklist for proxy auto config to work is:
* Make sure client machines can lookup "WPAD" with DNS. This means that either the clients must use WinGate as their DNS server, or the network DNS server must return WinGate's (or another WWW server if you want to manually create a WPAD.DAT file and serve it from another server) IP address for this name.
* Make sure that either WinGate is running a WWW proxy on port 80, or that whichever webserver the clients will use is able to respond to the request for WPAD.DAT
2. Firewall issue
If you are unable to ping WinGate with a default install, then the firewall must be blocking it. WinGate will block ping access by default on interfaces it deems are external. Interfaces with public IP addresses are deemed external by default, you can override this by double-clicking on the adapter in GateKeeper and setting it to what you want.
So it sounds like most likely due to choice of IP addresses used on your network, that WinGate is treating your internal network adapters as external, and firewalling connections.
Couple of things.
1. Automatic proxy detection
This relies on DNS. When a browser is configured for automatic proxy detection, it does a DNS lookup for the name "WPAD". If the client machine is using WinGate as its DNS server, then WinGate will respond to this DNS lookup and send back its own IP. If the client is using another DNS server, then unless that DNS server recognises the request for "WPAD", proxy auto detection won't work.
So if WinGate is the client's DNS server, the client resolves "WPAD" to winGate's IP, then connects to WinGate on port 80, and requests a file called "/WPAD.DAT". If WinGate's WWW proxy is running on port 80, then it will get this request, and if enabled (there's a setting) then it will send back a proxy auto config file. If the WWW proxy is running on another port (i.e. if you are running another WWW server on port 80 on that machine), then this will fail.
So the checklist for proxy auto config to work is:
* Make sure client machines can lookup "WPAD" with DNS. This means that either the clients must use WinGate as their DNS server, or the network DNS server must return WinGate's (or another WWW server if you want to manually create a WPAD.DAT file and serve it from another server) IP address for this name.
* Make sure that either WinGate is running a WWW proxy on port 80, or that whichever webserver the clients will use is able to respond to the request for WPAD.DAT
2. Firewall issue
If you are unable to ping WinGate with a default install, then the firewall must be blocking it. WinGate will block ping access by default on interfaces it deems are external. Interfaces with public IP addresses are deemed external by default, you can override this by double-clicking on the adapter in GateKeeper and setting it to what you want.
So it sounds like most likely due to choice of IP addresses used on your network, that WinGate is treating your internal network adapters as external, and firewalling connections.
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: Majestic-12 [Bot] and 7 guests