Internet user using the proxy server

WinGate Proxy Server and other Qbik products

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
Ender
  • Ender
  • Posts: 7
  • Joined: Apr 13 04 10:07 am

Internet user using the proxy server

Aug 21 04 9:52 am

Just installed 6 Trial and have noticed that when I need to allow www bind to an external interface to get my apache web server to work.

Allowing this seems to allow others (from the internet) to use wingate as an guest user to redirect to other sites.

Is something setup wrong or is there something I can do to stop this?

Cheers,

Rob.
labull
  • labull
  • Posts: 710
  • Joined: Sep 06 03 1:03 am
  • Location: Washington, DC - USA

Aug 21 04 10:24 am

This should force them to only your web server:

In Policies - Everyone - Advanced add a criteria of Server IP Address Equals the IP address of your web server.

Let us know if this works ok for you.

Larry
Ender
  • Ender
  • Posts: 7
  • Joined: Apr 13 04 10:07 am

Aug 21 04 11:52 am

Maybe I misunderstood something - but this seems to allow ONLY the web server - even internal ip's can only see this - not internet pages.
labull
  • labull
  • Posts: 710
  • Joined: Sep 06 03 1:03 am
  • Location: Washington, DC - USA

Aug 21 04 12:26 pm

Most likely I've misunderstood. Sorry.

If this is your normal WWW Proxy service for surfing then there shouldn't be a need to bind it to the external interface.

I was thinking this was a WWW Proxy service for external users to access your web server.

Tell us more of your configuration.

Larry
Pascal
  • Pascal
  • Posts: 2623
  • Joined: Sep 08 03 8:19 pm
  • Location: Auckland, New Zealand
  • Website

Aug 21 04 12:52 pm

You don't need to bind WWW to an external IP to get that to work. If I understand things correctly, you have an Apache web-server running somewhere on your network. All traffic coming in on a given port from the internet (Normally 80) you want redirected to this machine.

You can do this in one of two ways:

If you are using ENS, the easiest way would probably be to setup a port security action to redirect all TCP traffic arriving on port 80 from the Internet to that machine's IP.

The alternative is to setup a TCP mapping (Right click in services and add a new one) to do the same.

Note though, that doing this means that all traffic (desirable and undesirable) on that port will be sent through. So you'll need to make sure that the Apache side of things are securely locked down and setup correctly.
Ender
  • Ender
  • Posts: 7
  • Joined: Apr 13 04 10:07 am

Aug 22 04 4:22 am

Thanks Pascal, will try that latter.

Hopefully if I can get everything working ok I can use Wingate instead of my dodgy hardware router.

I tried version 5 but wasn't really happy with it but V6 seems much better.

My only real concern is security, but presumably that isn't a problem if everything is configured correctly?

I'm currently running a seperate firewall, is this necesary or will this just add to problems configuring Wingate?
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index