WinGate Forums

[johnd]

Hi,

I've just installed an evaluation copy of WinGate 5.2.3 on Windows 2003 Server.

Everything seems fine, except the firewall, which doesn't seem to be working at all. I've tried various security scans that can be initiated from Sygate's web site, and the scans are all reporting that the computer's ports are accessible - every single port they scan. Nothing at all is being written to the firewall log.

I've tried the high security option, and also the custom level, with ports explicitly blocked via the Port Security tab, but to no avail. The ports appear to be completely wide open.

Could you advise please?

[adrien]

Check that the interface settings are correct in GateKeeper under Options->Advanced->Network Interfaces.

This determines which is a trusted or untrusted interface, correlating to whether the "connections from the internet" rules are applied, or whether the connections are deemed to be from your local LAN.

Adrien

[johnd]

Hi Adrien,

It has the "Interface is visible from the internet..." option ticked.

[adrien]

Hi

what type of connection are you using?

This isn't an ethernet connection to a PPPoE modem is it?

In some cases with those setups, there are 2 IP interfaces on the same physical one, and if you have one IP set as internal, and one external but they are the same NIC then there could be a problem.

Adrien

[johnd]

It's a USB connection to a broadband modem. If I look at the Network Interfaces, I see:

192.168.0.1 - public=no, trusted=yes (with an NIC icon)
127.0.0.1 - public=no, trusted=yes (with a loopback icon)
Broadband - public=yes, trusted=no (with a telephone icon)

[johnd]

I know these things can be tricky to diagnose at a distance, but do you think this is something we will be able to resolve? I'm keen to make a decision on our choice of proxy, and would like to recommend WinGate if the firewall issue can be sorted out.

[genie]

Hi,
At the moment our testing lab is trying to reproduce this behavior - we'll let you know as we find (or not) anything that might manifest such behavior.

[johnd]

OK, thanks. Keep me posted.

[genie]

Right, John, mjust got the results back - our testers did not find anything suspicious about running port scanners from behind the firewall - all hits were reported and the scanners had all the ports either stealth or closed.
There are a couple of things we can do right now:
- Make sure your firewall is set up correctly (security level is high/custom, unused ports are closed for the Internet-originated connections, interfaces are set up properly in terms of trusted/public relations.

- Drop me an email with your IP address so I can try scanning your machine from my side to see who replies - we found, for example, that some ISPs redirect HTTP requests through their internal proxies making online port scanners scan the ISPs gateway machines rather than your machine.