The following are the answers to some questions I have been asked 
frequently by users. I have tried to arrange them into logical groups. 


Connections

    - Can I use WinGate on a machine between two ethernet segments?
    - Can I use WinGate on a Windows95 dial-in server to allow access
      to my LAN?
    - Can I use WFW3.11 on my LAN?
    - Can I run other protocols (i.e IPX/SPX) on my LAN as well?
    - How do I set up TCP/IP on my LAN?

Can I...
    - Run WinGate as a service under NT?
    - Use a proxy server on my ISP?

Why Can't I
    - Ping anything on the internet from my LAN?

Socket Error
    - Why do I get a socket error?
    - Why do I sometimes keep getting socket errors

Rules
    - What are rules for
    - How do they work
    - How do I use them
    - What rules should I set
 
How do I use
    - Netscape
    - Microsoft's Internet Explorer
    - IRC
    - Mail for multiple different users
    - Compuserve WinCIM
    - America On Line
    - Socket Watch

WinGate proxy
    - What is the WinGate proxy for?
    - How can I use it in my programs?

Troubleshooting
    - I can't connect to "gateway"
    - FTP does not work under netscape or any other WWW browser

------------------------------------------------------------------------
Connections

Can I use WinGate on a machine between two ethernet segments?
Yes you can. In fact, with the normal case of using WinGate between a LAN
and a modem connection, you can think of the modem connection as another
interface on another LAN - being the Internet. 

Can I use WinGate on a Windows95 dial-in server to allow access to my LAN?
Yes you can. You can also set up two modems on this machine and allow users
dialling into the dial-in server to access the Internet out through the
other modem link. 

Can I use WFW3.11 on my LAN?
Yes you can. You can use any operating system that supports TCP/IP. The
only machine that needs to be running either Windows NT or Windows 95 is
the machine that runs WinGate. 

Can I run other protocols (i.e IPX/SPX) on my LAN as well? Yes you can.
The Microsoft network software supports multiple simultaneous protocols.
You may find that you get better response on your LAN if you enable NetBEUI,
and set it as your default protocol. The default protocol is the first
protocol that Microsoft Windows networking will try to connect with
(except for sockets applications, which only support TCP/IP), so it will be
used for you local LAN traffic, and is a bit more efficient than TCP/IP. If
you are running Novell, you will probably want to enable IPX/SPX.

How do I set up TCP/IP on my LAN?
There are a number of good resources available on the Internet for this.
You should look at: http://www.windows95.com/connect/lansing.html 

------------------------------------------------------------------------
Can I...

Run WinGate as a service under NT?
You need to use SRVANY, which ships with the NT resource kit (available from ftp.microsoft.com) . All the documentation you need is included. If you want
to configure it, you will have to enable "Allow service to interact with
desktop", do your changes, and then disable again under the service control
manager in control panel. 

Use a Proxy server on my ISP? Yes. What you need to do is remove the WWW
Proxy in WinGate, and add a mapped link on port 80 which maps through to the
proxy server on your ISP (normally on port 8080 - you should get the details
about this from your ISP) 

------------------------------------------------------------------------
Why can't I...

Ping anything on the internet from my LAN
OK, the reason is, because your LAN is not connected to the internet. Ping
uses the ICMP protocol, which WinGate does not support - WinGate is not a
router. If you could ping internet hosts, chances are you wouldn't need
WinGate (except perhaps as a firewall). 

------------------------------------------------------------------------
Socket Error

Why do I get a socket error?
A Socket error occurs whenever WinGate tries to do something that it cannot,
whether that is due to a remote host not responding, or your link being down,
or some other reason. WinGate will provide error messages that your browser
and other applications can interpret - like the page you see in Netscape. 

Why do I sometimes keep getting socket errors
Often when you keep getting Socket Errors in response to hitting the reload
button, that is because your browser thinks that the error message sent by
WinGate is the file you want, and keeps loading it out of its cache. 

------------------------------------------------------------------------
Rules

What are rules for
Rules are used whenever you want to specify some aspect of how WinGate will
respond to certain events. There are three types of rule you can specify. 

    - Rules for Connections to WinGate
    - rules for connections that WinGate will make on a client's behalf, and
    - rules relating to which URL's WinGate will allow clients to request
      using the WWW Proxy. 

Using Rules you can restrict access to the Internet, on a site by site
basis, or protect your internal LAN from unwanted visitors 

How do they work
Rules are defined as being an action taken upon a match of a certain type
with some data. The match types are either where the data being verified
equals some specified filter data, or contains that filter data. Every
connection in or out, and every URL is checked against the rule base. If a
match is found (i.e you get a match on an hostname) then the action is
performed. If no match is found, the default action is performed. 

How do I use them
The first thing you need to configure are the default rules. These specify
what action will be taken (allow or deny) when a request does not match
any of the specific rules. 

What rules should I set
Normally, by default you will set default inward connections to deny.
Then you set up a rule as: allow Inward connections from host containing
xxx.yyy.zzz. Where the xxx.yyy.zzz. are the first three octets of your
internal LAN  This will allow only your internal LAN users to connect to
the gateway. You then need to enable any specific other machines to connect
to the gateway by adding specific allow rules for them (i.e remote machines
that you want to be able to connect back to the gateway)  If you wish to
deny your internal users access to certain hosts on the internet, you can
set up deny rules for those hosts. Similarly you can deny access to URLs
containing certain sequences of characters. 

------------------------------------------------------------------------
How DO I use...

All the examples here assume you have set up WinGate as per the default
installation, and have a hosts file on every LAN workstation with an entry
for the gateway machine called "gateway" 

Netscape
In Netscape, you need to set up your preferences:proxies. You should have
only the following settings:

HTTP :  gateway     port: 80
SOCKS:  gateway     port: 1080

Microsoft's Internet Explorer
You need to use the Internet setup in Control Panel (Under Windows 95) and
put an entry in for proxy server of http://gateway  gateway:80 also works
for some versions. 

IRC
IRC works on port 6667. You need to configure a Mapped Link in WinGate
listening on port 6667, with the remote host being the name of the IRC
server you wish to connect to, on port 6667. In your IRC client program,
you then set your server to be "gateway" 

Mail for multiple different users
The default installation sets up a mapped link for ports 110, and 25.
Port 110 is used to access your Post Office Server for downloading your
mail. The default remote host will have been enabled and set as your ISP's
mail host. You need to add a specific mapping (edit the Mapped link for
port 110, and choose the add button) for each machine on your LAN that you
wish to use a mail host other than the default one. You need to specify the
IP number of the LAN workstation you wish to map, and the remote host and
port you need to map the user out to. the port will normally still be
port 110. 

Compuserve WinCIM
WinCIM works on port 4144. You need to set up a mapped link on port 4144
which maps through to the remote host compuserve.com, also on port 4144.
You then need to configure WinCIM to use "gateway" as its server. 

America On Line
Thanks to Dean Henderson for this:

If you use TCP/IP to connect to America Online, there is a text file
called TCP.CCL in the CCL folder that contains a line with the following: 

NetConnect 1 5190 10 AmericaOnline.aol.com 

The 5190 value is the Port # and AmericaOnline.aol.com is the TCP/IP name. 

On each client system, you can change the name in the CCL file to the name
of your gateway system, or add an entry to your HOSTS files having
AmericaOnline.aol.com point to your gateway system. 

On the gateway system, add a Mapped Link with the Listening port set to
5190, the Remote Host set to AmericaOnline.aol.com, and the Remote Port
set to 5190. 

Now you should be ready to Logon to America Online. 

Socket Watch
Socket Watch uses port 37, so you need to add a mapped link through to the
time server you want on port 37. Then configure SocketWatch to use the
gateway as its time server. 

------------------------------------------------------------------------
WinGate proxy

What is the WinGate proxy for?
The WinGate proxy was developed to allow applications developers to
transparently access remote hosts using TCP/IP. In this way it is very
similar to the SOCKS system. However there are a number of differences
between SOCKS 4 and WinGate Proxy, notably that in the WinGate Proxy,
WinGate does the name resolution for the client, whereas in SOCKS 4, the
client can only request connection to an IP number, and hence requires
access to a DNS server. 

How can I use it in my programs?
You need to get hold of the protocol specification from me. Just email
Adrien de Croy and I'll send it to you. It is very simple to implement
support for WinGAte proxy in your code, and it means you can gain
leverage off WinGate to a more specialised market. 

------------------------------------------------------------------------
Troubleshooting

I can't connect to "gateway"
Chances are your hosts file isn't set up properly. You should note that
the default installation of Windows95 does NOT include a hosts file that
you can edit - you need to create one. Also, notepad does not let you
save a file with no file extension. You need to rename it to hosts
(with no extension) in explorer. You should check that you can ping the
IP number of the gateway machine, if that works, and you can't ping
"gateway", then that is a hosts file problem. 

FTP does not work under netscape or any other WWW browser You need to
make sure in Netscape that the FTP proxy setting under preferences is
blank - i.e you do not use a specific WinGate proxy for FTP in Netscape,
you use the SOCKS server for this. Make sure you don't set the proxy for
FTP to port 21 on the gateway, this FTP proxy is for FTP clients
(including command line clients) only, Netscape does not understand how
to talk to this proxy. 

If you are using Microsoft Internet Explorer, you will not be able to
get FTP working, as MSIE does not support SOCKS. I am implementing
support for FTP in the WWW Proxy server, so MSIE users will have
access to FTP.