WinGate Forums

[gsmollin]

I am using Wingate version 5.0.7, although the results are the same in 5.0.10. Wingate server is installed on a Pentium computer running Windows 2000 Workstation SP4. Wingate was clean-installed, ENS was enabled during installation, and otherwise defaults are in use.

Here's the problem: When web-surfing, pages do not load, or only partially load. NAT connections show up in Gatekeeper. Client computers are running Red Hat Linix, Suse Linux, and Windows 2000. In the W2000 case, WGIC does work, but NAT does not. In the Red Hat Linux case, the laptop computer works using NAT when wired into a Cisco Systems Router, or into a Buffalo Tech wireless router, but not Wingate. In the Suse Linux case, this computer used to work with Wingate 2.0.2 over Windows NT 4.0 SP6, but now it won't work.

ICQ and AIM work correctly.

[neil]

So do ICQ and AIM connect out via NAT? Or are they using the Socks? If NAT, does this mean that only port 80 connections fail? Also does direct proxying work?

When you try and NAT do you see the client conention show up in Gatekeepers Activity screen? If not, does it show up in the firewall tab?!

Regards

Neil

[gsmollin]

I believe that ICQ and AIM are connecting out via NAT, not Socks. They were being used on a Redhat Linux laptop on a wireless subnet, and I did not see the Gatekeeper screen on the Wingate server, so I believe NAT was in use, but I can't swear to it. Should I verify this?

Port 80 connections and port 21 connections fail on NAT; WS_FTP fails using NAT as well as Netscape 7.1. The direct proxy works on Netscape. I'm using it right now. WS_FTP works on WGIC; I have not tried it on direct proxy.

NAT connections clearly show up in the Gatekeeper activity screen. They will also linger there for a long time, even after the browser has given an error message. There is nothing showing up in the firewall tab. Actually, nothing ever shows up in the firewall tab, which is also strange, since when I was using version 5.0.2, on Windows NT4.0, there were always messages in the firewall tab. Is that significant?

[gsmollin]

Bump... its at the top again. Is anybody from Qbik out there?

Here's another piece of information. I discovered that if I enable "transparent redirection" then clients can communicate with Wingate using NAT. The activity screen in Gatekeeper now shows proxy activity instead of NAT translations of course. That may be a clue as to why NAT doesn't work. So I can make web browsing and FTP and everything there is a proxy server for work correctly now. Of course that still doesn't fix NAT.

Another piece of info: The firewall is configured as "Custom", because there is a port open to run a "War Craft" game server. I know there is an issue with a disabled firewall and NAT. Is there one with a custom setting?

[adrien]

Hi
How do you connect to the internet from that machine... the main difference between proxies and NAT in this respect is that with the proxy, the outbound connection goes all the way out through the local OS's TCP/IP stack, whereas with NAT it bypasses most of it... if there is something in between that is doing something necessary then that could be a source of problems.

Adrien

[gsmollin]

I connect to the internet through a NIC to a Westell external DSL modem which is connected to a telephone line to my DSL ISP. The connection from the Wingate server is always good.

[adrien]

does the external DSL modem do NAT itself, or do you run PPPoE or PPPoA to it (i.e. does it show up as a dialup profile?)

As for the firewall tab... if things used to show up there, I guess the answer to my first question must be that the DSL modem doesn't do NAT, else it would have blocked such things.

The 5.0.7 and 5.0.8 and later drivers handle PPPoE and PPPoA quite differently (in the main the 5.1 driver handles it better), mainly because of where we hook in the network stack. We did make some changes to the latest driver with respect to dialup that may well solve this problem for you...

Adrien

[gsmollin]

I installed Wingate 5.1, and NAT still does not work.

My DSL modem uses a PPPoE interface. The PPPoE interface is provided by WinPoet, from Fine Point Technologies. WinPoet is bundled on a CD from Verizon DSL. Verizon is the local telephone company, and DSL provider.

[gsmollin]

As you can see, this problem has been lying in the Wingate IN basket for a week without a response. Meanwhile, I have not been idle, and I have solved the NAT problem: I installed a router/firewall. It is with some sadness that I have to say I will not be installing the next version of Wingate, because I have been using this product since version 2. Hear me Qbik- you would be well advised to find the solution to these NAT problems before you lose more customers. Goodbye.

[robwatson83]

DISGUSTING

HAVING SAME PROBLEMS

GOING INSANE

SHOPPING FOR ROUTER NOW.

PLEASE HELP OR CUSTOM GONE.

[MattP]

Hi Rob,

Can you give us some details about your situation?

[richieopera]

My NAT is also not working for no apparent reason as it used to work. I have tried the previous version also but no luck. With the new one clients come through as NAT but receive no bytes back and on the previous version nothing comes through as NAT

[adrien]

Hi

when you say used to work, was that with a previous WinGate version (e.g. 5.0.7)? Or did anything change, or nothing?

The problem is for many reasons we had to change over our ENS driver to a new architecture, and it is possible that the fix for some things didn't get properly migrated to the new driver.

Adrien

[richieopera]

well, i upgraded to 1mb broadband and it worked but it kept crashing (with .0.7), so i updated wingate to (.1.0) and it stopped altogether. I was advised to downgrade and i did but NAT connections stopped coming through to the wingate server altogether. I am now using .2.0 and i am in the same position. I have not changed any network settings or anything since it worked. I have even tried installing a fresh winXP on my other drive and installing wingate only but nothing :(

[richieopera]

do you think it would be a good idea to just get a router?

[voman]

well, i upgraded to 1mb broadband and it worked but it kept crashing (with .0.7), so i updated wingate to (.1.0) and it stopped altogether. I was advised to downgrade and i did but NAT connections stopped coming through to the wingate server altogether. I am now using .2.0 and i am in the same position. I have not changed any network settings or anything since it worked. I have even tried installing a fresh winXP on my other drive and installing wingate only but nothing :(

My story is the same. I ran e test server with wg 5.07 for 3 weeks. Everything was OK except for frequent crash that drove me not to adopt wg as my sharing solution. Now I´m trying 5.2 release. It seems to be very stable even on a windows 98 server. The problem is NAT does not work: windows messenger doesn´t connect (only through proxy), nothing appears in the firewall panel of gatekeeper, I can not access anymore a MySQL server through o port that I redirected in the port security option.
Bye.
Victor

[richieopera]

need some technical help on this NAT...

[richieopera]

any one got any fresh ideas?

[MattP]

Can you give us some more information about your situation? What happens when you try to make a NAT connection? Have you checked tjat your network setup is working correctly? Can you try a proxy connection and see if that works? Can the server browse the internet when the clients cannot?

[genie]

A couple of things to test:
1. Can you ping anything from the client?
2. Try reducing MSS on the client machine. If this helps the last release of Wingate has an ability to reduce MSS automatically.

[richieopera]

What's MSS?
all proxy connections work, the host can connect to the internet.
each pc can connect to every other pc and we have shared drives etc. that all work.
i'm not sure about pinging a site on a client? won't this just go through the regular proxy?

thanks...

[richieopera]

i pinged www.google.com and it changes it to www.google.[something].net but the request times out. It also comes through to the proxy as a DNS lookup not NAT. Nothing comes through as NAT :/

also i am connecting through AOL 9.0 dialer but also use AOL 8.0

This has not been working for over a month now and i really cannot think what the problem is atall...

[richieopera]

...

[Pascal]

Quick question - what IP addres is allocated to the broadband connection ?

For NAT to work 100%, it needs to go from a private -> public address. (Or, something that has been setup as that in GK - Advanced Options - last tab)

I assume browsing / net access from the server is fine ?

[gremlin]

i have the same problem (NAT not working) with wingate 5.0.10.

runs on a little pentium / windows 98 SE (ISDN)


if i enable NAT only the ICQ-client can connect. ANY other service (even WGIC or internal VNC) will stop immediately. even on the wingate-server you can not connect to the internet (http, ftp). ping or DNS does NOT work.
firewall is off, wingate-DHCP is set to assign DNS and Default-Gateway to the clints (this works fine). gatekeeper shows the connections-tryouts made by the clients.
with NAT disabled all works fine (DNS, ping, VNC, WGIC etc.)

WGIC works fine, but now i have to use NAT. wingate 4 works more than 3 years without problems, so i still want to use wingate....

any hints ?

CU Gremlin

[kgoodknecht]

i have the same problem (NAT not working) with wingate 5.0.10.

runs on a little pentium / windows 98 SE (ISDN)


if i enable NAT only the ICQ-client can connect. ANY other service (even WGIC or internal VNC) will stop immediately. even on the wingate-server you can not connect to the internet (http, ftp). ping or DNS does NOT work.
firewall is off, wingate-DHCP is set to assign DNS and Default-Gateway to the clints (this works fine). gatekeeper shows the connections-tryouts made by the clients.
with NAT disabled all works fine (DNS, ping, VNC, WGIC etc.)

WGIC works fine, but now i have to use NAT. wingate 4 works more than 3 years without problems, so i still want to use wingate....

any hints ?

CU Gremlin

You say you have to use NAT now. Does that mean you did not use it before?

Can you post your IP configuration?
Post which is set up as your internal NIC and which is set up as your public NIC.
In the Options Menu->Advanced->Network Interfaces Tab Which is defined as Trust and which is defined as Public which is trusted?
Did you define the Wingate internal NIC as the gateway for the clients?

Kevin D. Goodknecht [MVP]

[gremlin]

You say you have to use NAT now. Does that mean you did not use it before?

yes, in the past i've used wingate 4 with the client, but now i have to connect some none-windows machines

Can you post your IP configuration?
Post which is set up as your internal NIC and which is set up as your public NIC.

the internal NIC has static IP (192.168.0.4 / 255.255.255.0) and is marked as trusted (YES) and non public (NO), similar the loopback (127.0.1).
the dial-up adapter is marked public (YES) and non-trusted (NO)

Did you define the Wingate internal NIC as the gateway for the clients?

yes. the wingate DCHP-server ist set to assign DNS and gateway to the client. this works fine.

what i'm wondering about is, why the wingate-machine itself can not connect to the internet when NAT ist enabled. (browser gets no connection).
with NAT enabeld, even the DHCP does not work.
very strange...

CU Gremlin

[Pascal]

what i'm wondering about is, why the wingate-machine itself can not connect to the internet when NAT ist enabled. (browser gets no connection).
with NAT enabeld, even the DHCP does not work.
very strange...
CU Gremlin

My first thought is - upgrade to 5.2.2. Secondly, if NAT is not working ... that's a tough one. First request would be a copy of the route table when (a) the ISDN adapter is connected and (b) NAT is enabled. Then, also enable full logging (Including debug) on for ENS/NAT, and see if anything interesting pops up in the logs.

Lastly, if you set a manual proxy in IE on the Server (Just as a test), can it connect with NAT enabled ?