WinGate Forums

[Prof_Moriarti]

I have configured the Wingate to use Domain users, but when i see the history log there is no user or it says something as guest. Even the client is a pc in a domian enviroment.

What i need is to see the name of the user who had logged on the PC and it is browsing .

What i´m doing wrong¿?

Regards

Thanks in advance

[StealthCubz]

Hi dewd

i had the same problem not so long ago. What Authentication are you using ? NTLM ?

If you Using NTLM try setting the users to "may be assumed" in the WWW proxy poicies ,or install the WGIC on the machines and let that authenticate

[jamesc]

What i´m doing wrong¿?

Here is some information to help - your issue can probably be resolved by looking at number 3. below.


1. When using an Active Directory User Database, you will want to confirm that the "Qbik WinGate Engine" is logging into the Windows Services as a "Domain Administrator" account. You will also want to confirm that your DNS is configured correctly as explained in the following section of the WinGate help file.
WinGate Help --> WinGate Security Model --> WinGate in an AD.


2. There are a few ways you can authenticate when using an AD User Database:
WWW Proxy NTLM Authentication - Secure method - Application must have NTLM Capabilities.
WGIC NTLM Authentication - Secure method - Client install.
Qbik NTLM Authentication - Secure method - Client install.
GateKeeper NTLM Authentication - Secure method - Client install.
Basic Authentication - Insecure method.
Assumed by IP Address - Insecure method.
Assumed by Computer name - Insecure method and WinGate must be DHCP Server.
Unauthenticated Access - Can be set for different connection methods or ports.

Secure method: Then the authentication level of the policy needs to be set to "User must be authenticated"
Insecure method: Then the authentication level of the policy needs to be set to "User may be assumed"
Unauthenticated: Then the authentication level of the policy needs to be set to "User may be unknown"


3. If you have no policies requiring users to Authenticate, then your users will connect with the Guest account. Have a look at the following knowledge base link for help setting up authentication.
http://support.qbik.com/index.php?_a=kn ... bcat&_i=18


4. If you decide to use the WGIC connection/authentication method, then beware that there is a compatibility issue with Outlook 2003, and a bit of extra configuration may be needed for Windows Updates to work.


5. When creating policies for authentication in WinGate beware of the following:
a) When two policies are created for the same user/group, then the policy with the must access will override the policy with the least access.
b) Some connection methods do not have a Generic way to authenticate; e.g. NAT has no way to pass on a user name and password.
c) When you have internet clients connecting to LAN Servers through WinGate, then it may not be practical to authenticate them, and they will connect using the Guest account.
d) In each Server/Service in WinGate, you can set it to interact with a System Policy (Default Rights) in a number of ways:
"Must also be granted": If the e.g. WWW Proxy Server policy allows access to this service, then it must also be checked in the System Polices before it is allowed.
"May be used instead": If the e.g. WWW Proxy Server policy denies the request, then check if the System Policies allow it; if it does, allow the user to access.
"Are ignored": Do not check the System Policies to check if this user is allowed/denied to access to the WWW Proxy Server.

[Prof_Moriarti]

Thanks a lot, the porblem was in then policy i wasn´t forced to be authenticated

Thanks again

Nacho