Replacing the Wingate machine (version 6.6.2 Buid 1315) that was running Windows XP with one running Windows Vista. Switch over went fairly well with one problem.
Also running on the Wingate machine is an MDaemon Email Server, with Windows XP I had the DNS name for the email sever set to the external IP, everyone was able to access the server if they were in or outside the office. Now with Vista, only those outside the office can access their email. But, those inside the office cannot even ping the external address. This machine is running as a VPN Gateway to our main office and those in the main office can get to all computers on the internal side but when they ping the internal address on this server they can't reach it. With the XP machine it was possible to ping the card on the other side from your current location without a problem. I also have two other offices setup like this with Windows XP and both work as configured.
I have looked at the routing table on the wingate machine and all looks fine.
Wingate & Vista
Moderator: Qbik Staff
2 posts
• Page 1 of 1
Wingate & Vista
by dlcole » Mar 28 14 2:12 am
David L. Cole
Systems Manager
R.T. Patterson Co., Inc.
Systems Manager
R.T. Patterson Co., Inc.
- dlcole
- Posts: 16
- Joined: Sep 25 03 5:01 am
- Location: Pittsburgh, PA
Re: Wingate & Vista
by adrien » Apr 02 14 3:49 pm
Hi David
I think due to the different architecture of the driver on Vista and later, there are issues NATing to a different interface. This is because when you NAT, the source address would be changed to the external interface, which is the same as the destination address, and I think the protocol blocks packets coming in from below the protocol with it's own IP address (as these are normally impossible, since they are reflected back over localhost interface normally).
You can probably get around this issue with DNS, if your internal clients learn the internal address for the mail server, where external ones learn the external address (e.g. DNS server returns different address for the name based on where the client is).
Are your internal clients using the WinGate for DNS? If so, you can add an entry to the hosts file on the WinGate server, and set the IP address to 0.0.0.0, then whichever interface the DNS request is received on, that will be the answer given for that name.
Regards
Adrien de Croy
I think due to the different architecture of the driver on Vista and later, there are issues NATing to a different interface. This is because when you NAT, the source address would be changed to the external interface, which is the same as the destination address, and I think the protocol blocks packets coming in from below the protocol with it's own IP address (as these are normally impossible, since they are reflected back over localhost interface normally).
You can probably get around this issue with DNS, if your internal clients learn the internal address for the mail server, where external ones learn the external address (e.g. DNS server returns different address for the name based on where the client is).
Are your internal clients using the WinGate for DNS? If so, you can add an entry to the hosts file on the WinGate server, and set the IP address to 0.0.0.0, then whichever interface the DNS request is received on, that will be the answer given for that name.
Regards
Adrien de Croy
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 10 guests