WinGate Forums

[mdc]

Hi

I am going to evaluate Wingate, we are currently using Winproxy and I have a couple of questions before installing.

I notice at the top of the forum about a possible SP2 issue, should I set the box up with SP1 only?

Email
I have done some reading on this and I am a little confused.
Is it required we set up email accounts on the Wingate box in order to have email scanned for viruses?
Our email accounts are from our domain that we have hosted at a hosting service, in Winproxy we send and receive email directly from there and Panda scans them no problem.


Regards

Mark

[Nev]

Hi

I am going to evaluate Wingate, we are currently using Winproxy and I have a couple of questions before installing.

I notice at the top of the forum about a possible SP2 issue, should I set the box up with SP1 only?

Hi Mark, well that depends on just how many connections could be made, if it is a small network then probably ok to use SP2 but if say more that three or four, SP1 looks the better choice.

Email
I have done some reading on this and I am a little confused.
Is it required we set up email accounts on the Wingate box in order to have email scanned for viruses?
Our email accounts are from our domain that we have hosted at a hosting service, in Winproxy we send and receive email directly from there and Panda scans them no problem.


Regards

Mark

No, you can have Wingate scan mail and web pages adding the KAV plugin if you wish and it does this at the proxy level where the data is passed through the POP3 proxy.

In this method I configure all email clients to point to the Wingate machine as their 'email server' and a user name with a delimeter [#] such as user22@isp.com#mail.isp.com in this way the proxy determines User and remote POP3 on behalf of the client.

Or, if you don't need scanning, disable the POP3 proxy and have the client connect directly to the remote POP3 box via NAT, same applies here to sending, disable the SMTP Server to use NAT instead of configuring a profile in 'Email' for the delivery of mail.

Hope this helps.

[logan]

Hi Mark, well that depends on just how many connections could be made, if it is a small network then probably ok to use SP2 but if say more that three or four, SP1 looks the better choice.

Hi Mark. Just to prevent confusion for you and any other forum users that may read this post, there is only a potential problem with Windows XP SP2. Windows Server 2003 SP2 retains a much higher limit on half-open connections since it is an OS designed specifically for server applications.

[mdc]

Thank you for the replies.

I installed Wingate at home to test it out before deploying it at work.

I noticed a couple of things.

I have a Linux box and 3 other XP boxes, the Linux box was very slugish on Wingate but has no problems with Winproxy.

I am unable to see other boxes on the network, I am running peer to peer, is there some setting I am missing in Wingate to allow this?

[Nev]

Hi Mark,

What it could be is the network interface Usage.

Check in GateKeeper for the internal // external to be designated as required.



Also the client pc's just need to point to the Wingate server for a Gateway and DNS, however in the 'Internal' NIC in the Wingate machine there should be no Gateway defined, just an IP and Mask.

[mdc]

I have two connections like in the picture, one set to external and the other set to internal.
The internal one is set to 10.0.0.1 255.255.255.0

Using DHCP
All clients have internet access, but no clients see each other on the network.
Checked IP config on the client
ip 10.0.0.2 255.0.0.0 10.0.0.1
Interesting that the DHCP is supplying a different subnet mask

[adrien]

10.x.x.x is defined as a "class A" private address, so by default WinGate allocates a class A mask (255.0.0.0)

But that can be changed in the WinGate DHCP settings.

As for sluggishness, what is the linux box trying to do? Just web browsing etc? as far as I can tell WinGate shouldn't treat it any differently. What flavour of linux is it? We may be able to repro.

As for network neighbourhood. On a workgroup (compared to a domain), most functionality uses UDP broadcasting. For instance computernames are broadcast on UDP port 137, and connecting to master browsers for browse lists is often done with a broadcast on UDP port 139.

Are you seeing any firewall hits on either of these ports (or TCP port 138) in the GateKeeper firewall tab?

Adrien

[mdc]

Changing the internal adapter to 255.0.0.0 fixed the network problem, I also see where that can be changed in the DHCP scope settings.

I am using PCLinuxOS

I also tried tonight with Ubuntu(not a current version)from the live CD and it has the same problem.
It appears to be a DNS problem
On the Wingate activity screen when going to google news on the Linux box for instance it shows
DNS: Unknown lookup "news.google.com"
Once it finally resolves the name the page loads quickly.
I opened DNS/Resolver and entered the ISP's DNS IP(Same one I use on Winproxy)but that did not fix the problem.
I can use the ISP DNS IP on the Linux box and it fixes the problem but I would think that Wingate would handle this for the client.

[logan]

What version of Ubuntu did you use? I use Ubuntu Desktop 7.04 without any problems behind WinGate so I'd like to download and check the specific version you used.

I just did a search for any similar issues to this and found another forum thread from back in 2004 about the same problem. It seems that WinGate is misinterpreting the DNS requests coming from the Linux computers.

http://forums.qbik.com/viewtopic.php?t=2214

Do you think you would be able to get a packet capture of this problem happening on your network? Using a packet capture, we should be able to identify if there is a difference between the DNS requests from Linux and normal DNS requests that is causing WinGate to misinterpret the Linux requests.

[adrien]

might it be trying an IPv6 lookup first (i.e. AAAA record)?

There might be some setting in the linux client that could be affecting that.

Adrien

[mdc]

The version of Ubuntu I have is Ubuntu 6.06 LTL Dapper Drake released June 2006
I use PCLinuxOS though, just had that version of Ubuntu laying around and thought I would test with it to see if it worked or not.
I tried a copy of Freespire I had downloaded awhile back ver.2.02 I think and it worked.
I did notice in the settings area on Freespire that it appeared to have some DNS names listed so it might be using those instead of what Wingate is supplying.

I will see if I can find a packet capture program, do you have any recommendations on which one to use? and what machine should I run that program on?

What version of Ubuntu did you use? I use Ubuntu Desktop 7.04 without any problems behind WinGate so I'd like to download and check the specific version you used.

I just did a search for any similar issues to this and found another forum thread from back in 2004 about the same problem. It seems that WinGate is misinterpreting the DNS requests coming from the Linux computers.

http : // forums.qbik.com/viewtopic.php?t=2214

Do you think you would be able to get a packet capture of this problem happening on your network? Using a packet capture, we should be able to identify if there is a difference between the DNS requests from Linux and normal DNS requests that is causing WinGate to misinterpret the Linux requests.

[mdc]

Not sure what IPv6 is :)
I tried playing around with the settings in PCLinuxOS but other than supplying it with an DNS IP I couldn't it to work.

might it be trying an IPv6 lookup first (i.e. AAAA record)?

There might be some setting in the linux client that could be affecting that.

Adrien

[logan]

IPv6 is set up to be the successor of the current Internet Protocol, IPv4. There are a few improvements in IPv6, but the most notable one is the extended address space that provides many, many, many more IP addresses for use than before. So many that it's actually hard to comprehend how many. Have a read of the following wikipedia article if you would like to learn more about IPv6.

http://en.wikipedia.org/wiki/IPv6

Anyway, I did some research and found that you arn't alone in experiencing this problem. In fact it appears to be a very common problem with Linux. There is a quick fix you can use in FireFox that will speed up your web browsing again. Try this and see if it helps.


1. Type “about:config” for the URL in Firefox and hit enter (without the quotes, of course).

2. In the filter field, type “DNS” and hit enter.

3. Double-click on “network.dns.disableIPv6″, changing its value from False to True.


This is only a fix for firefox though. Not a fix for all DNS lookups on the computer. I wasn't able to find a global fix for PCLinuxOS, but I did find one for Ubuntu if you are interested.


1. To verify that the IPv6 module is loaded type the following from a terminal:

user@host:~$ lsmod | grep ipv6
ipv6 265856 10

2. Then from a terminal type:

user@host:~$ sudo echo "blacklist ipv6" > /etc/modprobe.d/blacklist-ipv6

3. Restart

4. To verify that the IPv6 module is not loaded type the following from a terminal:

user@host:~$ lsmod | grep ipv6
user@host:~$

If for whatever reason the above method does not work, type either of the following alternatives a. or b. in the terminal:

a. echo "blacklist ipv6" | sudo tee -a /etc/modprobe.d/blacklist

b. sudo nano -w /etc/modprobe.d/blacklist & enter the line blacklist-ipv6

after both a. or b. do steps 3. & 4. as above.


Credit for these fixes goes to:
http://rojs-techcorner.com/blog/2007/07 ... 6-lookups/
http://ubuntuforums.org/showthread.php?t=282034