how to block NAT: TCP Connections

WinGate Proxy Server and other Qbik products

Switch to full style
Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
TeddyAD
  • TeddyAD
  • Posts: 10
  • Joined: May 26 04 9:19 pm

how to block NAT: TCP Connections

Mar 06 10 1:30 am

I want to block NAT:TCP Connections for selected users so they can not be able to browse and download through TCP connections. I did manage in setting up polices on WWW Proxy Server to disallow browsing, but these users are now able to browse through TCP Connections. Kindly advise on simple step-by-step instruction on blocking TCP connections from these selected users. I use latest Gateekper version 6.6.4 (Build 1338) on the server

Thanks
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

Re: how to block NAT: TCP Connections

Mar 06 10 11:13 pm

Hi

can you just black hole their IP addresses? Then they won't be able to do anything through WinGate at all (not even connect to the WinGate server).

Otherwise you can use policies in Extended Networking to limit who is allowed to do NAT.

Regards

Adrien
TeddyAD
  • TeddyAD
  • Posts: 10
  • Joined: May 26 04 9:19 pm

Re: how to block NAT: TCP Connections

Mar 15 10 9:30 pm

Thanks Adrien.. Blackholing thier IPs is working but they keep on changing IPs to access the net . Is there a way I can set range of IPs to blackhole ?
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

Re: how to block NAT: TCP Connections

Mar 15 10 11:10 pm

Hi

Yes, when you enter a black-hole you specify an address and mask. You can therefore block whole subnets. E.g.

192.168.0.0 MASK 255.255.255.0 will block 192.168.0.1 - 192.168.0.255

Adrien
TeddyAD
  • TeddyAD
  • Posts: 10
  • Joined: May 26 04 9:19 pm

Re: how to block NAT: TCP Connections

Mar 16 10 8:52 pm

Thanks Adrien for the prompt reply..

Based on your example, can you please advise on specific setting I need to do for our scenario. I want three workstations with IPs 192.168.0.2 upto 192.168.0.4 to have access and all IPs equal and above 192.168.05 to be blocked. For this what is the mask & address setting that I need to do on the wingate server which has IP address of 192.168.0.1
Alen
  • Alen
  • Posts: 217
  • Joined: Sep 21 09 7:50 pm

Re: how to block NAT: TCP Connections

Mar 22 10 3:46 am

TeddyAD
Based on your example, can you please advise on specific setting I need to do for our scenario. I want three workstations with IPs 192.168.0.2 upto 192.168.0.4 to have access and all IPs equal and above 192.168.05 to be blocked. For this what is the mask & address setting that I need to do on the wingate server which has IP address of 192.168.0.1


I don't see a simple way, but at least you can try this:
192.168.0.128 MASK 255.255.255.128 {This includes 128-255}
192.168.0.64 MASK 255.255.255.192 {This includes 64-127}
192.168.0.32 MASK 255.255.255.224 {This includes 32-63}
192.168.0.16 MASK 255.255.255.240 {This includes 16-31}
192.168.0.8 MASK 255.255.255.248 {This includes 8-15}
192.168.0.7 MASK 255.255.255.255
192.168.0.6 MASK 255.255.255.255
192.168.0.5 MASK 255.255.255.255
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index