WinGate Forums

[belgor]

hi, i have setup assumed users and setup mac filter in the system policies, but i keep getting authentication problems every day and when i click on properties for that user in the user list it reports the pc mac address as 00-00-00-00-00-00 instead of what it should be, if i shut down and restart that remote pc several times all then starts working again, i have searched through the forums but cant find any one else with this problem, please please can any one help me, many thanks in advance

[ChrisH]

Is WG acting as the DHCP server on your LAN? What is the OS of the WG machine and of the client machine? What about firewalls on remote machine? What version of WG are you using? Is this a peer based LAN or a domain? The more we know the better.

[adrien]

One other thing.

Is the client on the same subnet as the WinGate server? If it's going through a router to get to WinGate, then WinGate's ARP-cache query for the client's MAC address will get the router's MAC address instead of the client's one.

Regards

Adrien

[belgor]

Hi again, thanks for the replies, i'll try to answer your questions

wingate version 6.1.4 (also tested it on 6.2 with same problem)
wingate is not set as DHCP as client pc are set with static ip's
wingate os is windows xp pro
client pc's us windows xp pro
peer based lan

all client pc's are on the same subnet as the wingate server, no router is used

[ChrisH]

I'm pretty certain WG has to be DHCP server in order to do MAC policies correctly. If you can, try WG being DHCP server and client machines obtaining IP addresses/gateway automatically. MY feeling is that you will be good to go.

[belgor]

Hi,
I followed your suggestion to set it to DHCP, all is now working fine.

Many, many thanks

[belgor]

Many thanks with my previous problem, but i have another ongoing problem which i tried and tried to resolve.....

i have tried to setup a port forward (eg open a port so i can access an outside computer network which is not always on the same ip)

i keep getting authentication fail on guest from ip: on the port i opened when trying to access the remote pc

any ideas what i am doing wrong ?

thanks in advance

[jamesc]

i have tried to setup a port forward (eg open a port so i can access an outside computer network which is not always on the same ip)

--> My interpretation. You have a LAN Client on your network behind WinGate and it is trying to connect to a server on the internet.

i keep getting authentication fail on guest from ip: on the port i opened when trying to access the remote pc

-->
1. If you want to use the Guest account for this connection then confirm it is enabled in WinGate.

2. If you are using the NAT connection method, then remember that it has no generic way to pass on a user name and password. So if this server you are trying to connect to is always on a certain port, e.g. 5900, then you *may want to create a policy allowing unauthenticated access.

e.g. Extended Networking Service --> Policies.
Default Rights, May be used instead (or your decision)
Add --> Guest, User may be unknown.
Advanced tab:
Filter 1
This criterion is met if Server Port equals 5900

3. Review the way your LAN Clients authenticate, there are a few ways to do it:

WinGate User Database.
WWW Proxy Java Authentication - Secure method.
WGIC Authentication - Secure method - Client install.
Qbik Authentication - Secure method - Client install.
GateKeeper Authentication - Secure method - Client install.
Basic Authentication - Insecure method.
Assumed by IP Address - Insecure method.
Assumed by Computer name - Insecure method and WinGate must be DHCP Server.
Unauthenticated Access - Can be set for different connection methods or ports.

Local Windows User Database
WWW Proxy NTLM Authentication - Secure method - Applications needs to be NTLM Compatible
WGIC NTLM Authentication - Secure method - Client install.
Qbik NTLM Authentication - Secure method - Client install.
GateKeeper NTLM Authentication - Secure method - Client install.
Basic Authentication - Insecure method.
Assumed by IP Address - Insecure method.
Assumed by Computer name - Insecure method and WinGate must be DHCP Server.
Unauthenticated Access - Can be set for different connection methods or ports.

Domain User Database.
WWW Proxy NTLM Authentication - Secure method - Applications needs to be NTLM Compatible
WGIC NTLM Authentication - Secure method - Client install.
Qbik NTLM Authentication - Secure method - Client install.
GateKeeper NTLM Authentication - Secure method - Client install.
Basic Authentication - Insecure method.
Assumed by IP Address - Insecure method.
Assumed by Computer name - Insecure method and WinGate must be DHCP Server.
Unauthenticated Access - Can be set for different connection methods or ports.

Secure methods need a policy authentication level of "User must be authenticated".
Insecure methods need a policy authentication level of "User may be assumed".
Unauthenticated access needs a policy authentication level of "User may be unknown".

[belgor]

Hi Jamesc,

Many many thanks for your quick reply.

I followed your instructions and all is working perfectly.

Thanks for you help.

Just one quick question, is it safe to use the Guest account and/or is it possible to use a different account rather than the Guest account but i guess if an incoming connection is not always on the same ip then this would not work ?

[jamesc]

Just one quick question, is it safe to use the Guest account and/or is it possible to use a different account rather than the Guest account but i guess if an incoming connection is not always on the same ip then this would not work ?

To address your question, the forum should know your desired result(s) and maybe some context for your concerns; i.e. my interpretation of the latter part of this post was a LAN Client connecting out to the internet, but now it sounds like it is the other way round.