I have recently installed an evaluation copy of wingate.
I am trying to use it as a socks proxy and I am experiencing intermittent behaviour.
Earlier in the week I was able to access gmail via the https://www.gmail.com from a client machine via IE. IE is configured to only use socks.
I see the activity in the wingate monitoring window, but the client machine does not connect - it displays the generic "Internet Explorer cannot display the webpage" message.
I then tried to browse to a simple png file on google:
https://www.google.com/images/logos/google_logo_41.png
and it failed as well, whereas
http://www.google.com/images/logos/google_logo_41.png works fine
I tried stopping and restarting wingate, but this did not help.
The links work fine from the wingate machine.
I tried to ping www.google.com and got 173.194.64.106 from the machine where wingate is installed and 173.194.64.105 on the client machine. This shouldn't be a problem because of course google has many ip addresses.
Can someone explain to me why this is not working.
Thanks.
wingate 7 https via socks not working
Moderator: Qbik Staff
4 posts
• Page 1 of 1
wingate 7 https via socks not working
by carylewis2013 » Feb 08 13 10:14 am
- carylewis2013
- Posts: 2
- Joined: Feb 08 13 9:59 am
Re: wingate 7 https via socks not working
by adrien » Feb 08 13 7:13 pm
Hi
couple things to check.
1. That the connection isn't being diverted or intercepted anywhere. https over socks would be intercepted to the WWW proxy if the WWW proxy was intercepting port 443. The current version of WinGate 7 doesn't support this, so you should ensure the WWW proxy is not intercepting port 443.
2. MTU. We find sometimes (relatively often actually) that SSL doesn't like path MTU discovery. If the internet connection MTU is lower than the adapter MTU on the WinGate proxy, then we've seen problems with https connections before.
To check MTU, use ping.exe from the command line. Normal MTU is 1500, to test if 1500 bytes will go over your internet connection without fragmenting, use
ping www.microsoft.com -f -l 1472
If you get a response saying the packet must be fragmented (which you may well see if you're on a PPPoA or PPPoE connection) you may need to then adjust the adapter MTU on your WinGate computer for the internet-facing adapter.
Failing all of that, we can have a look remotely and I'd recommend a packet capture to see what is going on. If you need to take that approach, send us an email to support@wingate.com with teamviewer or other remote access details.
Regards
Adrien de Croy
couple things to check.
1. That the connection isn't being diverted or intercepted anywhere. https over socks would be intercepted to the WWW proxy if the WWW proxy was intercepting port 443. The current version of WinGate 7 doesn't support this, so you should ensure the WWW proxy is not intercepting port 443.
2. MTU. We find sometimes (relatively often actually) that SSL doesn't like path MTU discovery. If the internet connection MTU is lower than the adapter MTU on the WinGate proxy, then we've seen problems with https connections before.
To check MTU, use ping.exe from the command line. Normal MTU is 1500, to test if 1500 bytes will go over your internet connection without fragmenting, use
ping www.microsoft.com -f -l 1472
If you get a response saying the packet must be fragmented (which you may well see if you're on a PPPoA or PPPoE connection) you may need to then adjust the adapter MTU on your WinGate computer for the internet-facing adapter.
Failing all of that, we can have a look remotely and I'd recommend a packet capture to see what is going on. If you need to take that approach, send us an email to support@wingate.com with teamviewer or other remote access details.
Regards
Adrien de Croy
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: wingate 7 https via socks not working
by carylewis2013 » Feb 09 13 6:58 am
I set the mtu on the computer where wingate is installed to 1464, this was the biggest number that I could ping to www.google.com without fragmenting.
It had no effect on my ability to access gmail.com via https from the other computer that is configured to access the internet via socks.
I tried to set the mtu on that computer to 1430, but that didn't help either.
only the socks service is installed on wingate.
Squid is installed on that server on a different port.
I tested as well with squid disabled, with no change.
Any ideas?
It had no effect on my ability to access gmail.com via https from the other computer that is configured to access the internet via socks.
I tried to set the mtu on that computer to 1430, but that didn't help either.
only the socks service is installed on wingate.
Squid is installed on that server on a different port.
I tested as well with squid disabled, with no change.
Any ideas?
- carylewis2013
- Posts: 2
- Joined: Feb 08 13 9:59 am
Re: wingate 7 https via socks not working
by adrien » Feb 09 13 8:47 am
Hi
quickest way to get to the bottom of this is probably a remote support session. We normally recommend join.me or teamviewer for this. If you'd like to do that, just email support@wingate.com
Regards
Adrien
quickest way to get to the bottom of this is probably a remote support session. We normally recommend join.me or teamviewer for this. If you'd like to do that, just email support@wingate.com
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 102 guests