Hi Guys,
I have the latest version of WinGate on trial at the moment and am having a few issues with timed internet access.
I have a policy that prevents Internet access between 00:01:00 and 17:00:00 Mon, Tue, Wed and Thur and between 00:01:00 and 07:00:00 on Friday. Basically the group can have access on Mon-Thur Evening 'til just after Midnight and all the time from 0700 Friday through Sunday evening.
This policy appears to work fine until it comes to Friday, for 2 weeks now on a Friday the policy allows access to the Web but will not allow connections to be made to World of Warcraft; it just keeps dropping connections. Any other time is fine and I have another group with constant access that have no issues getting to WoW. So I have had to resort to removing all the time restrictions so that access can be granted during the day on Friday. Nothing else seems to work.
I'd rather not have to keep changing policies every week to get this to work. Does anyone have any idea if this is a known issue or can help, with more info, resolve the issue?
In addition there appears to be a lag between changes being made and policies actually applied. Is there a way of forcing instant update so the effect of changes can be seen without having to wait?
Any help you can give would be appreciated. WinGate looks to be a good product, I just need to iron out some of these wrinkles before I can commit to buying it.
Thanks in anticipation.
Shaun.
Problems with Timeslicing
Moderator: Qbik Staff
7 posts
• Page 1 of 1
Problems with Timeslicing
by splaaat » Jun 16 08 12:18 pm
- splaaat
- Posts: 4
- Joined: Jun 16 08 11:55 am
Re: Problems with Timeslicing
by labull » Jun 16 08 2:25 pm
Hi Shaun!
Can you see any errors in the System Messages or Firewall tabs of GateKeeper when connections get dropped?
Can you see any errors in the System Messages or Firewall tabs of GateKeeper when connections get dropped?
WinGate Lurker
- labull
- WinGate Guru
- Posts: 710
- Joined: Sep 06 03 1:03 am
- Location: Washington, DC - USA
Re: Problems with Timeslicing
by splaaat » Jun 17 08 11:28 am
Hi Iabull,
Thanks very much for replying.
No there weren't any errors in the System logs (I expected authentication errors but there weren't any) and the only errors that were in the Firewall logs were for attempted connections from the internet that had been swatted.
The Wingate NAT logs show this pattern of behaviour every time a connection attempt was made:
06/13/08 14:30:38 10.76.22.3 ade 0000096174 Requested: NAT: TCP Connection to 216.73.84.115:80
06/13/08 14:30:38 10.76.22.3 ade 0000096162 Traffic 381 919 919 381 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096158 Traffic 484 3628 3628 484 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096176 Requested: NAT: TCP Connection to 216.73.84.17:80
06/13/08 14:30:38 10.76.22.3 ade 0000096133 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096136 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096139 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096140 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096141 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096142 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096143 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096154 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096165 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096166 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096170 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096171 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096172 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096174 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096176 Traffic 0 0 0 0 0s
When I was monitoring the Activity page I could see connections being created then torn down immediately by WinGate and the user complained of being disconnected from WoW.
Is there any debugging I can switch on to get a better picture?
Thanks for your help.
Regards,
Shaun.
Thanks very much for replying.
No there weren't any errors in the System logs (I expected authentication errors but there weren't any) and the only errors that were in the Firewall logs were for attempted connections from the internet that had been swatted.
The Wingate NAT logs show this pattern of behaviour every time a connection attempt was made:
06/13/08 14:30:38 10.76.22.3 ade 0000096174 Requested: NAT: TCP Connection to 216.73.84.115:80
06/13/08 14:30:38 10.76.22.3 ade 0000096162 Traffic 381 919 919 381 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096158 Traffic 484 3628 3628 484 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096176 Requested: NAT: TCP Connection to 216.73.84.17:80
06/13/08 14:30:38 10.76.22.3 ade 0000096133 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096136 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096139 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096140 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096141 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096142 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096143 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096154 Traffic 0 0 0 0 1s
06/13/08 14:30:38 10.76.22.3 ade 0000096165 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096166 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096170 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096171 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096172 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096174 Traffic 0 0 0 0 0s
06/13/08 14:30:38 10.76.22.3 ade 0000096176 Traffic 0 0 0 0 0s
When I was monitoring the Activity page I could see connections being created then torn down immediately by WinGate and the user complained of being disconnected from WoW.
Is there any debugging I can switch on to get a better picture?
Thanks for your help.
Regards,
Shaun.
- splaaat
- Posts: 4
- Joined: Jun 16 08 11:55 am
Re: Problems with Timeslicing
by logan » Jun 17 08 3:33 pm
Hi splaaat,
I just read over you first post, but it doesn't explain where the policy is created the policy or how it is configured in enough detail. Would you mind creating a support ticket at the online helpdesk and include the following information with it. This will let me see your current WinGate configuration, and give a brief glimpse of your network topography.
1. WinGate Registry
GateKeeper --> Options menu --> Advanced --> Save Registry
2. WinGate Config Report
GateKeeper --> Options menu --> Advanced --> Save Config Report
3. ipconfig/all from one LAN Client
(Windows) Start menu --> Run --> cmd --> ipconfig/all >> C:\ipa-client.txt
4. ipconfig/all from the WinGate Server
(Windows) Start menu --> Run --> cmd --> ipconfig/all >> C:\ipa-server.txt
I just read over you first post, but it doesn't explain where the policy is created the policy or how it is configured in enough detail. Would you mind creating a support ticket at the online helpdesk and include the following information with it. This will let me see your current WinGate configuration, and give a brief glimpse of your network topography.
1. WinGate Registry
GateKeeper --> Options menu --> Advanced --> Save Registry
2. WinGate Config Report
GateKeeper --> Options menu --> Advanced --> Save Config Report
3. ipconfig/all from one LAN Client
(Windows) Start menu --> Run --> cmd --> ipconfig/all >> C:\ipa-client.txt
4. ipconfig/all from the WinGate Server
(Windows) Start menu --> Run --> cmd --> ipconfig/all >> C:\ipa-server.txt
- logan
- Qbik Staff
- Posts: 671
- Joined: Oct 19 06 2:49 pm
- Location: Auckland, New Zealand
Re: Problems with Timeslicing
by splaaat » Jun 18 08 8:34 am
Hi logan,
Thanks for your assistance. I have raised a call and attached the files you requested. Let me know if you need the ticket number (I'm not sure if you want it posted in a public forum).
Sorry for the lack of detail in my original post.
Regards,
Shaun.
Thanks for your assistance. I have raised a call and attached the files you requested. Let me know if you need the ticket number (I'm not sure if you want it posted in a public forum).
Sorry for the lack of detail in my original post.
Regards,
Shaun.
- splaaat
- Posts: 4
- Joined: Jun 16 08 11:55 am
Re: Problems with Timeslicing
by logan » Jun 18 08 9:01 pm
Ticket received at online helpdesk
It was a very descriptive post, but lacked a bit of specific info I was after, so no worries :).
It was a very descriptive post, but lacked a bit of specific info I was after, so no worries :).
- logan
- Qbik Staff
- Posts: 671
- Joined: Oct 19 06 2:49 pm
- Location: Auckland, New Zealand
Re: Problems with Timeslicing
by splaaat » Jun 21 08 1:04 pm
Hi Logan,
Well today was a mixed bag. As suggested, I set up time slicing consisting of just access grants for 17:00:00 to 23:59:59 on M T W & Th and 07:00:00 to 23:59:59 on F with all day Sat & Sun. I also set up a constant access policy to DNS.
All was well until 00:00:01 on Saturday when Wingate started to exhibit the same disconnection behaviour as on prevoius Fridays. I have a capture of the NAT logs:
06/20/08 23:57:11 10.76.22.3 ade 0000072826 Traffic 0 2496 2496 0 1555s
06/20/08 23:57:11 10.76.22.3 ade 0000072826 Terminated exit code 42
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:59:59 Debug: KillSession(mapping=2E957) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/20/08 23:59:59 10.76.22.4 dan 0000071791 Traffic 0 0 0 0 10417s
06/20/08 23:59:59 10.76.22.4 dan 0000071791 Terminated exit code 2
06/21/08 00:02:33 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:02:33 10.76.22.3 ade 0000073013 Requested: NAT: TCP Connection to 66.102.9.97:443
06/21/08 00:02:35 Debug: KillSession(mapping=2F060) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:02:35 10.76.22.3 ade 0000073013 Traffic 0 0 0 0 2s
06/21/08 00:02:35 10.76.22.3 ade 0000073013 Terminated exit code 2
06/21/08 00:03:06 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:03:06 10.76.22.150 ade 0000073021 Requested: NAT: TCP Connection to 63.245.213.31:443
06/21/08 00:03:06 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:03:06 10.76.22.150 ade 0000073022 Requested: NAT: TCP Connection to 63.245.213.31:443
06/21/08 00:03:07 Debug: KillSession(mapping=2F06A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:03:07 10.76.22.150 ade 0000073021 Traffic 0 0 0 0 1s
06/21/08 00:03:07 10.76.22.150 ade 0000073021 Terminated exit code 2
06/21/08 00:03:07 Debug: KillSession(mapping=2F06B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:03:07 10.76.22.150 ade 0000073022 Traffic 0 0 0 0 1s
06/21/08 00:03:07 10.76.22.150 ade 0000073022 Terminated exit code 2
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:08:38 Authorisation failure: NAT STATUS: firewall block: UDP src 125.211.198.16:55268 dst XXXXXXXXXXXX
06/21/08 00:08:45 Authorisation failure: NAT STATUS: firewall block: UDP src 60.222.253.99:58993 dst XXXXXXXXXXXX
06/21/08 00:08:58 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:08:58 10.76.22.3 ade 0000073143 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:08:58 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:08:58 10.76.22.3 ade 0000073144 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:08:59 Debug: KillSession(mapping=2F128) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:08:59 10.76.22.3 ade 0000073143 Traffic 0 0 0 0 1s
06/21/08 00:08:59 10.76.22.3 ade 0000073143 Terminated exit code 2
06/21/08 00:08:59 Debug: KillSession(mapping=2F129) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:08:59 10.76.22.3 ade 0000073144 Traffic 0 0 0 0 1s
06/21/08 00:08:59 10.76.22.3 ade 0000073144 Terminated exit code 2
06/21/08 00:09:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:09:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:09:07 Debug: KillSession(mapping=2F12A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Traffic 10155 491 491 10155 0s
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Terminated exit code 2
06/21/08 00:09:07 Debug: KillSession(mapping=2F12B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Traffic 191 330 330 191 0s
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Terminated exit code 2
06/21/08 00:10:01 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:10:01 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:10:01 Debug: KillSession(mapping=2F133) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Traffic 0 0 0 0 0s
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Terminated exit code 2
06/21/08 00:10:01 Debug: KillSession(mapping=2F134) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Traffic 0 0 0 0 0s
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Terminated exit code 2
06/21/08 00:10:02 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:02 10.76.22.4 dan 0000073154 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:10:03 Debug: KillSession(mapping=2F135) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:03 10.76.22.4 dan 0000073154 Traffic 0 0 0 0 1s
06/21/08 00:10:03 10.76.22.4 dan 0000073154 Terminated exit code 2
06/21/08 00:10:06 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:10:06 10.76.22.3 ade 0000073160 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:10:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:10:07 Debug: KillSession(mapping=2F13A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:07 10.76.22.3 ade 0000073160 Traffic 0 0 0 0 1s
06/21/08 00:10:07 10.76.22.3 ade 0000073160 Terminated exit code 2
06/21/08 00:10:07 Debug: KillSession(mapping=2F13B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Traffic 0 0 0 0 0s
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Terminated exit code 2
06/21/08 00:13:05 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:13:05 10.76.22.150 ade 0000073230 Requested: NAT: TCP Connection to 63.245.209.49:443
06/21/08 00:13:07 Debug: KillSession(mapping=2F1A4) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:07 10.76.22.150 ade 0000073230 Traffic 0 0 0 0 2s
06/21/08 00:13:07 10.76.22.150 ade 0000073230 Terminated exit code 2
06/21/08 00:13:28 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Traffic 291 326 326 291 0s
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Terminated exit code 42
06/21/08 00:13:31 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:31 10.76.22.3 ade 0000073246 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:13:32 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:32 10.76.22.3 ade 0000073247 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:13:33 Debug: KillSession(mapping=2F1B8) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:33 10.76.22.3 ade 0000073246 Traffic 0 0 0 0 2s
06/21/08 00:13:33 10.76.22.3 ade 0000073246 Terminated exit code 2
06/21/08 00:13:33 Debug: KillSession(mapping=2F1B9) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:33 10.76.22.3 ade 0000073247 Traffic 0 0 0 0 1s
06/21/08 00:13:33 10.76.22.3 ade 0000073247 Terminated exit code 2
06/21/08 00:14:05 Debug: Sent security table 4 with 2 entries, return status 0
06/21/08 00:14:05 Debug: Sent security table 4 with 1 entries, return status 0
06/21/08 00:14:05 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:05 Service stopped
06/21/08 00:14:10 Debug: Attempted to open new driver "\\.\QBIKHOOK"
06/21/08 00:14:10 Debug: Driver detected OS version XXXXXXXXXXXX, checked=0
06/21/08 00:14:10 Debug: Sent route table with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 2 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 3 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:10 Service started
06/21/08 00:14:10 Debug: Service started: Internet Gateway (yes) IP forwarding (yes) UDP Relay (yes)
06/21/08 00:14:10 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 3 with 4 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent route table with 7 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 3 with 4 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 1 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 3 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 3 with 5 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 3 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:46 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:14:46 10.76.22.3 ade 0000000023 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:14:46 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:14:46 10.76.22.3 ade 0000000024 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:14:47 Debug: KillSession(mapping=2F1E7) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:14:47 10.76.22.3 ade 0000000023 Traffic 0 0 0 0 1s
06/21/08 00:14:47 10.76.22.3 ade 0000000023 Terminated exit code 2
06/21/08 00:14:47 Debug: KillSession(mapping=2F1E8) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:14:47 10.76.22.3 ade 0000000024 Traffic 2968 586 586 2968 1s
06/21/08 00:14:47 10.76.22.3 ade 0000000024 Terminated exit code 2
06/21/08 00:17:16 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:16 10.76.22.3 ade 0000000164 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:17:17 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:17 10.76.22.3 ade 0000000165 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:17:26 10.76.22.3 ade 0000000165 Traffic 22967 1127 1127 22967 9s
06/21/08 00:17:26 10.76.22.3 ade 0000000165 Terminated exit code 42
06/21/08 00:17:26 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:26 10.76.22.3 ade 0000000166 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:17:35 10.76.22.3 ade 0000000164 Traffic 29827 941 941 29827 19s
06/21/08 00:17:35 10.76.22.3 ade 0000000164 Terminated exit code 42
06/21/08 00:17:51 Authorisation failure: NAT STATUS: firewall block: UDP src 125.211.198.12:37091 dst XXXXXXXXXXXX
06/21/08 00:20:43 Authorisation failure: NAT STATUS: firewall block: TCP src 216.73.122.2:47732 dst XXXXXXXXXXXX
06/21/08 00:20:46 Authorisation failure: NAT STATUS: firewall block: TCP src 216.73.122.2:47732 dst XXXXXXXXXXXX
Significant times above are:
The disconnection at 23:59:59, when the Friday access ceases.
Unsuccessful attempts by the users to get back to the internet after 00:02:06
I restarted the Wingate Engine at 00:14:05 to see if I could force a reload of the access policy, which should have allowed access - they still couldn't get online.
At approx 00:17:00 I amended the access policy to allow unrestricted access and the users got online at 00:17:16.
Hopefully you can see what is going on from the log here and the sequence of events I have described.
Any help would be appreciated.
Regards,
Shaun.
Well today was a mixed bag. As suggested, I set up time slicing consisting of just access grants for 17:00:00 to 23:59:59 on M T W & Th and 07:00:00 to 23:59:59 on F with all day Sat & Sun. I also set up a constant access policy to DNS.
All was well until 00:00:01 on Saturday when Wingate started to exhibit the same disconnection behaviour as on prevoius Fridays. I have a capture of the NAT logs:
06/20/08 23:57:11 10.76.22.3 ade 0000072826 Traffic 0 2496 2496 0 1555s
06/20/08 23:57:11 10.76.22.3 ade 0000072826 Terminated exit code 42
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:58:43 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.50.216:24973 dst XXXXXXXXXXXX
06/20/08 23:59:59 Debug: KillSession(mapping=2E957) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/20/08 23:59:59 10.76.22.4 dan 0000071791 Traffic 0 0 0 0 10417s
06/20/08 23:59:59 10.76.22.4 dan 0000071791 Terminated exit code 2
06/21/08 00:02:33 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:02:33 10.76.22.3 ade 0000073013 Requested: NAT: TCP Connection to 66.102.9.97:443
06/21/08 00:02:35 Debug: KillSession(mapping=2F060) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:02:35 10.76.22.3 ade 0000073013 Traffic 0 0 0 0 2s
06/21/08 00:02:35 10.76.22.3 ade 0000073013 Terminated exit code 2
06/21/08 00:03:06 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:03:06 10.76.22.150 ade 0000073021 Requested: NAT: TCP Connection to 63.245.213.31:443
06/21/08 00:03:06 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:03:06 10.76.22.150 ade 0000073022 Requested: NAT: TCP Connection to 63.245.213.31:443
06/21/08 00:03:07 Debug: KillSession(mapping=2F06A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:03:07 10.76.22.150 ade 0000073021 Traffic 0 0 0 0 1s
06/21/08 00:03:07 10.76.22.150 ade 0000073021 Terminated exit code 2
06/21/08 00:03:07 Debug: KillSession(mapping=2F06B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:03:07 10.76.22.150 ade 0000073022 Traffic 0 0 0 0 1s
06/21/08 00:03:07 10.76.22.150 ade 0000073022 Terminated exit code 2
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:07:22 Authorisation failure: NAT STATUS: firewall block: UDP src 24.64.54.208:34767 dst XXXXXXXXXXXX
06/21/08 00:08:38 Authorisation failure: NAT STATUS: firewall block: UDP src 125.211.198.16:55268 dst XXXXXXXXXXXX
06/21/08 00:08:45 Authorisation failure: NAT STATUS: firewall block: UDP src 60.222.253.99:58993 dst XXXXXXXXXXXX
06/21/08 00:08:58 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:08:58 10.76.22.3 ade 0000073143 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:08:58 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:08:58 10.76.22.3 ade 0000073144 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:08:59 Debug: KillSession(mapping=2F128) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:08:59 10.76.22.3 ade 0000073143 Traffic 0 0 0 0 1s
06/21/08 00:08:59 10.76.22.3 ade 0000073143 Terminated exit code 2
06/21/08 00:08:59 Debug: KillSession(mapping=2F129) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:08:59 10.76.22.3 ade 0000073144 Traffic 0 0 0 0 1s
06/21/08 00:08:59 10.76.22.3 ade 0000073144 Terminated exit code 2
06/21/08 00:09:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:09:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:09:07 Debug: KillSession(mapping=2F12A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Traffic 10155 491 491 10155 0s
06/21/08 00:09:07 10.76.22.3 ade 0000073145 Terminated exit code 2
06/21/08 00:09:07 Debug: KillSession(mapping=2F12B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Traffic 191 330 330 191 0s
06/21/08 00:09:07 10.76.22.3 ade 0000073146 Terminated exit code 2
06/21/08 00:10:01 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:10:01 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:10:01 Debug: KillSession(mapping=2F133) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Traffic 0 0 0 0 0s
06/21/08 00:10:01 10.76.22.4 dan 0000073152 Terminated exit code 2
06/21/08 00:10:01 Debug: KillSession(mapping=2F134) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Traffic 0 0 0 0 0s
06/21/08 00:10:01 10.76.22.4 dan 0000073153 Terminated exit code 2
06/21/08 00:10:02 10.76.22.4 Guest 0000000000 Created:
06/21/08 00:10:02 10.76.22.4 dan 0000073154 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:10:03 Debug: KillSession(mapping=2F135) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:03 10.76.22.4 dan 0000073154 Traffic 0 0 0 0 1s
06/21/08 00:10:03 10.76.22.4 dan 0000073154 Terminated exit code 2
06/21/08 00:10:06 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:10:06 10.76.22.3 ade 0000073160 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:10:07 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:10:07 Debug: KillSession(mapping=2F13A) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:07 10.76.22.3 ade 0000073160 Traffic 0 0 0 0 1s
06/21/08 00:10:07 10.76.22.3 ade 0000073160 Terminated exit code 2
06/21/08 00:10:07 Debug: KillSession(mapping=2F13B) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Traffic 0 0 0 0 0s
06/21/08 00:10:07 10.76.22.3 ade 0000073161 Terminated exit code 2
06/21/08 00:13:05 10.76.22.150 Guest 0000000000 Created:
06/21/08 00:13:05 10.76.22.150 ade 0000073230 Requested: NAT: TCP Connection to 63.245.209.49:443
06/21/08 00:13:07 Debug: KillSession(mapping=2F1A4) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:07 10.76.22.150 ade 0000073230 Traffic 0 0 0 0 2s
06/21/08 00:13:07 10.76.22.150 ade 0000073230 Terminated exit code 2
06/21/08 00:13:28 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Traffic 291 326 326 291 0s
06/21/08 00:13:28 10.76.22.3 ade 0000073245 Terminated exit code 42
06/21/08 00:13:31 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:31 10.76.22.3 ade 0000073246 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:13:32 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:13:32 10.76.22.3 ade 0000073247 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:13:33 Debug: KillSession(mapping=2F1B8) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:33 10.76.22.3 ade 0000073246 Traffic 0 0 0 0 2s
06/21/08 00:13:33 10.76.22.3 ade 0000073246 Terminated exit code 2
06/21/08 00:13:33 Debug: KillSession(mapping=2F1B9) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:13:33 10.76.22.3 ade 0000073247 Traffic 0 0 0 0 1s
06/21/08 00:13:33 10.76.22.3 ade 0000073247 Terminated exit code 2
06/21/08 00:14:05 Debug: Sent security table 4 with 2 entries, return status 0
06/21/08 00:14:05 Debug: Sent security table 4 with 1 entries, return status 0
06/21/08 00:14:05 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:05 Service stopped
06/21/08 00:14:10 Debug: Attempted to open new driver "\\.\QBIKHOOK"
06/21/08 00:14:10 Debug: Driver detected OS version XXXXXXXXXXXX, checked=0
06/21/08 00:14:10 Debug: Sent route table with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 2 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 3 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:10 Service started
06/21/08 00:14:10 Debug: Service started: Internet Gateway (yes) IP forwarding (yes) UDP Relay (yes)
06/21/08 00:14:10 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 3 with 4 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:10 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent route table with 7 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 3 with 4 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 1 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 3 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 0 with 2 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 1 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 2 with 13 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 3 with 5 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 4 with 3 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 5 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 6 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 7 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 8 with 0 entries, return status 0
06/21/08 00:14:11 Debug: Sent security table 9 with 0 entries, return status 0
06/21/08 00:14:46 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:14:46 10.76.22.3 ade 0000000023 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:14:46 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:14:46 10.76.22.3 ade 0000000024 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:14:47 Debug: KillSession(mapping=2F1E7) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:14:47 10.76.22.3 ade 0000000023 Traffic 0 0 0 0 1s
06/21/08 00:14:47 10.76.22.3 ade 0000000023 Terminated exit code 2
06/21/08 00:14:47 Debug: KillSession(mapping=2F1E8) - WGIOCTL_DESTROY_MAPPING_RETURN.StatusCode == 0
06/21/08 00:14:47 10.76.22.3 ade 0000000024 Traffic 2968 586 586 2968 1s
06/21/08 00:14:47 10.76.22.3 ade 0000000024 Terminated exit code 2
06/21/08 00:17:16 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:16 10.76.22.3 ade 0000000164 Requested: NAT: TCP Connection to 80.239.178.109:3724
06/21/08 00:17:17 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:17 10.76.22.3 ade 0000000165 Requested: NAT: TCP Connection to 80.239.149.75:3724
06/21/08 00:17:26 10.76.22.3 ade 0000000165 Traffic 22967 1127 1127 22967 9s
06/21/08 00:17:26 10.76.22.3 ade 0000000165 Terminated exit code 42
06/21/08 00:17:26 10.76.22.3 Guest 0000000000 Created:
06/21/08 00:17:26 10.76.22.3 ade 0000000166 Requested: NAT: TCP Connection to 80.239.179.71:3724
06/21/08 00:17:35 10.76.22.3 ade 0000000164 Traffic 29827 941 941 29827 19s
06/21/08 00:17:35 10.76.22.3 ade 0000000164 Terminated exit code 42
06/21/08 00:17:51 Authorisation failure: NAT STATUS: firewall block: UDP src 125.211.198.12:37091 dst XXXXXXXXXXXX
06/21/08 00:20:43 Authorisation failure: NAT STATUS: firewall block: TCP src 216.73.122.2:47732 dst XXXXXXXXXXXX
06/21/08 00:20:46 Authorisation failure: NAT STATUS: firewall block: TCP src 216.73.122.2:47732 dst XXXXXXXXXXXX
Significant times above are:
The disconnection at 23:59:59, when the Friday access ceases.
Unsuccessful attempts by the users to get back to the internet after 00:02:06
I restarted the Wingate Engine at 00:14:05 to see if I could force a reload of the access policy, which should have allowed access - they still couldn't get online.
At approx 00:17:00 I amended the access policy to allow unrestricted access and the users got online at 00:17:16.
Hopefully you can see what is going on from the log here and the sequence of events I have described.
Any help would be appreciated.
Regards,
Shaun.
- splaaat
- Posts: 4
- Joined: Jun 16 08 11:55 am
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 5 guests