WinGate Forums

by **etimag** » Aug 13 04 8:02 pm

My problem is I cannot set time restrict to www proxy.

Here is the scenario;

www proxy is restricted time which is 16:00 to 17:00

until 16:00 no one can use www proxy but after they have the rights they keep surfing even after 17:00 hours.

We use gatekeeper to authentication. Connection is NAT via wingate.

Help & sorry for bad English !

by **MattP** » Aug 17 04 4:44 pm

Hi,

Which version are you using? I have just set it up and tested here with version 6 and it works like a charm. All I had to do was specify a time that access was granted, after the time had finished the clients could no longer browse.

Regards,

Matt

by **etimag** » Aug 17 04 7:16 pm

Thanksfor reply.

Version 6. If I disable NAT and force clients to connect throuh proxy you are right it works. But with NAT no. As long as keep the ie open the can surf unless they have to close all ie windows and reconnect. Also if clients have any other internet applications running they can still use ie or yahoo msg etc...

thanks again...

by **adrien** » Aug 17 04 8:50 pm

Hi

How many policies are there in the WWW Proxy? Also, is the WWW Proxy configured to also use the default policies (policy tab, list at bottom) or ignore them?

Adrien

by **etimag** » Aug 17 04 9:28 pm

a type users have rights like restricted by security level and policy tab is must also be granted

b type users have time restricted and policy tab is same...

but main problem is not www limiting, problem is limiting the NAT. Shortly is there any way to limite NAT like www proxy.

thanks.

by **adrien** » Aug 17 04 9:55 pm

NAT uses the policies in the Extended Networking policies.

This should work just like the WWW ones, except error reporting to clients is not possible, because there is no IP-level messaging system suitable for this.

This is why normally for web access, people intercept connections, so that the proxy can control things.

Adrien

by **n0ticer** » Aug 17 04 10:18 pm

etimag,

i hope im getting u right... how about going to...

1) WWW Proxy service > Policies > select a recipient e.g. Everyone > Ban list tab... add Server Name or HTTP URL contains "." (a dot as in .com)

2) add another policy for the same Recipient > Advanced tab> select Specify which request this recipient has rights for... add a filter, a criterion HTTP URL or Server Name contains "." ...go Time tab > select Specify times when this recipient has rights... select Between 00:00:00 to 15:59:59 & 17:01:00 to 23:59:59

u may also try these settings in ENS. tnx

etimag wrote:My problem is I cannot set time restrict to www proxy.

Here is the scenario;

www proxy is restricted time which is 16:00 to 17:00

until 16:00 no one can use www proxy but after they have the rights they keep surfing even after 17:00 hours.

We use gatekeeper to authentication. Connection is NAT via wingate.

Help & sorry for bad English !

by **etimag** » Aug 17 04 11:36 pm

Dear qbik staff,

please try this.

set the time limit and keep one ie open.

after your time is over try to surf with same ie even your limit is over.

tell me whether can you surf or not ? because we do only if NAT is enabled, on www proxy works fine.

also if you have any other application running such as yahoo msg. even after your time is over you can surf even your gatekeeper logon is disabled. I think gatekeeper is assuming users. Maybe...

thanks.

by **MattP** » Aug 23 04 2:40 pm

When you say that you are not being denied access with a NAT connection, do you mean without TR(transparent redirection) turned on? If you don't have TRs turned on, so you're just making a NAT connection then you won't be forcing the connection through the proxy, meaning your policies won't have any effect.

To make your policies work you must have TRs turned on or make a proxy connection.

Regards,

Matt

WinGate Forums

Authentication problem !

Authentication problem !

Re: Authentication problem !

Who is online