PC-Online 1996 June

home *** CD-ROM | disk | FTP | other *** search

/ PC-Online 1996 June / PCOnline_06_1996.iso / software / topdown / tips / wingate / lzh / wingate.lzh / WINGATE / WG_FAQ.TXT < prev next >

Wrap

Text File | 1996-04-18 | 12KB | 263 lines

The following are the answers to some questions I have been asked frequently by users. I have tried to arrange them into logical groups. Connections - Can I use WinGate on a machine between two ethernet segments? - Can I use WinGate on a Windows95 dial-in server to allow access to my LAN? - Can I use WFW3.11 on my LAN? - Can I run other protocols (i.e IPX/SPX) on my LAN as well? - How do I set up TCP/IP on my LAN? Can I... - Run WinGate as a service under NT? - Use a proxy server on my ISP? Why Can't I - Ping anything on the internet from my LAN? Socket Error - Why do I get a socket error? - Why do I sometimes keep getting socket errors Rules - What are rules for - How do they work - How do I use them - What rules should I set How do I use - Netscape - Microsoft's Internet Explorer - IRC - Mail for multiple different users - Compuserve WinCIM - America On Line - Socket Watch WinGate proxy - What is the WinGate proxy for? - How can I use it in my programs? Troubleshooting - I can't connect to "gateway" - FTP does not work under netscape or any other WWW browser ------------------------------------------------------------------------ Connections Can I use WinGate on a machine between two ethernet segments? Yes you can. In fact, with the normal case of using WinGate between a LAN and a modem connection, you can think of the modem connection as another interface on another LAN - being the Internet. Can I use WinGate on a Windows95 dial-in server to allow access to my LAN? Yes you can. You can also set up two modems on this machine and allow users dialling into the dial-in server to access the Internet out through the other modem link. Can I use WFW3.11 on my LAN? Yes you can. You can use any operating system that supports TCP/IP. The only machine that needs to be running either Windows NT or Windows 95 is the machine that runs WinGate. Can I run other protocols (i.e IPX/SPX) on my LAN as well? Yes you can. The Microsoft network software supports multiple simultaneous protocols. You may find that you get better response on your LAN if you enable NetBEUI, and set it as your default protocol. The default protocol is the first protocol that Microsoft Windows networking will try to connect with (except for sockets applications, which only support TCP/IP), so it will be used for you local LAN traffic, and is a bit more efficient than TCP/IP. If you are running Novell, you will probably want to enable IPX/SPX. How do I set up TCP/IP on my LAN? There are a number of good resources available on the Internet for this. You should look at: http://www.windows95.com/connect/lansing.html ------------------------------------------------------------------------ Can I... Run WinGate as a service under NT? You need to use SRVANY, which ships with the NT resource kit (available from ftp.microsoft.com) . All the documentation you need is included. If you want to configure it, you will have to enable "Allow service to interact with desktop", do your changes, and then disable again under the service control manager in control panel. Use a Proxy server on my ISP? Yes. What you need to do is remove the WWW Proxy in WinGate, and add a mapped link on port 80 which maps through to the proxy server on your ISP (normally on port 8080 - you should get the details about this from your ISP) ------------------------------------------------------------------------ Why can't I... Ping anything on the internet from my LAN OK, the reason is, because your LAN is not connected to the internet. Ping uses the ICMP protocol, which WinGate does not support - WinGate is not a router. If you could ping internet hosts, chances are you wouldn't need WinGate (except perhaps as a firewall). ------------------------------------------------------------------------ Socket Error Why do I get a socket error? A Socket error occurs whenever WinGate tries to do something that it cannot, whether that is due to a remote host not responding, or your link being down, or some other reason. WinGate will provide error messages that your browser and other applications can interpret - like the page you see in Netscape. Why do I sometimes keep getting socket errors Often when you keep getting Socket Errors in response to hitting the reload button, that is because your browser thinks that the error message sent by WinGate is the file you want, and keeps loading it out of its cache. ------------------------------------------------------------------------ Rules What are rules for Rules are used whenever you want to specify some aspect of how WinGate will respond to certain events. There are three types of rule you can specify. - Rules for Connections to WinGate - rules for connections that WinGate will make on a client's behalf, and - rules relating to which URL's WinGate will allow clients to request using the WWW Proxy. Using Rules you can restrict access to the Internet, on a site by site basis, or protect your internal LAN from unwanted visitors How do they work Rules are defined as being an action taken upon a match of a certain type with some data. The match types are either where the data being verified equals some specified filter data, or contains that filter data. Every connection in or out, and every URL is checked against the rule base. If a match is found (i.e you get a match on an hostname) then the action is performed. If no match is found, the default action is performed. How do I use them The first thing you need to configure are the default rules. These specify what action will be taken (allow or deny) when a request does not match any of the specific rules. What rules should I set Normally, by default you will set default inward connections to deny. Then you set up a rule as: allow Inward connections from host containing xxx.yyy.zzz. Where the xxx.yyy.zzz. are the first three octets of your internal LAN This will allow only your internal LAN users to connect to the gateway. You then need to enable any specific other machines to connect to the gateway by adding specific allow rules for them (i.e remote machines that you want to be able to connect back to the gateway) If you wish to deny your internal users access to certain hosts on the internet, you can set up deny rules for those hosts. Similarly you can deny access to URLs containing certain sequences of characters. ------------------------------------------------------------------------ How DO I use... All the examples here assume you have set up WinGate as per the default installation, and have a hosts file on every LAN workstation with an entry for the gateway machine called "gateway" Netscape In Netscape, you need to set up your preferences:proxies. You should have only the following settings: HTTP : gateway port: 80 SOCKS: gateway port: 1080 Microsoft's Internet Explorer You need to use the Internet setup in Control Panel (Under Windows 95) and put an entry in for proxy server of http://gateway gateway:80 also works for some versions. IRC IRC works on port 6667. You need to configure a Mapped Link in WinGate listening on port 6667, with the remote host being the name of the IRC server you wish to connect to, on port 6667. In your IRC client program, you then set your server to be "gateway" Mail for multiple different users The default installation sets up a mapped link for ports 110, and 25. Port 110 is used to access your Post Office Server for downloading your mail. The default remote host will have been enabled and set as your ISP's mail host. You need to add a specific mapping (edit the Mapped link for port 110, and choose the add button) for each machine on your LAN that you wish to use a mail host other than the default one. You need to specify the IP number of the LAN workstation you wish to map, and the remote host and port you need to map the user out to. the port will normally still be port 110. Compuserve WinCIM WinCIM works on port 4144. You need to set up a mapped link on port 4144 which maps through to the remote host compuserve.com, also on port 4144. You then need to configure WinCIM to use "gateway" as its server. America On Line Thanks to Dean Henderson for this: If you use TCP/IP to connect to America Online, there is a text file called TCP.CCL in the CCL folder that contains a line with the following: NetConnect 1 5190 10 AmericaOnline.aol.com The 5190 value is the Port # and AmericaOnline.aol.com is the TCP/IP name. On each client system, you can change the name in the CCL file to the name of your gateway system, or add an entry to your HOSTS files having AmericaOnline.aol.com point to your gateway system. On the gateway system, add a Mapped Link with the Listening port set to 5190, the Remote Host set to AmericaOnline.aol.com, and the Remote Port set to 5190. Now you should be ready to Logon to America Online. Socket Watch Socket Watch uses port 37, so you need to add a mapped link through to the time server you want on port 37. Then configure SocketWatch to use the gateway as its time server. ------------------------------------------------------------------------ WinGate proxy What is the WinGate proxy for? The WinGate proxy was developed to allow applications developers to transparently access remote hosts using TCP/IP. In this way it is very similar to the SOCKS system. However there are a number of differences between SOCKS 4 and WinGate Proxy, notably that in the WinGate Proxy, WinGate does the name resolution for the client, whereas in SOCKS 4, the client can only request connection to an IP number, and hence requires access to a DNS server. How can I use it in my programs? You need to get hold of the protocol specification from me. Just email Adrien de Croy and I'll send it to you. It is very simple to implement support for WinGAte proxy in your code, and it means you can gain leverage off WinGate to a more specialised market. ------------------------------------------------------------------------ Troubleshooting I can't connect to "gateway" Chances are your hosts file isn't set up properly. You should note that the default installation of Windows95 does NOT include a hosts file that you can edit - you need to create one. Also, notepad does not let you save a file with no file extension. You need to rename it to hosts (with no extension) in explorer. You should check that you can ping the IP number of the gateway machine, if that works, and you can't ping "gateway", then that is a hosts file problem. FTP does not work under netscape or any other WWW browser You need to make sure in Netscape that the FTP proxy setting under preferences is blank - i.e you do not use a specific WinGate proxy for FTP in Netscape, you use the SOCKS server for this. Make sure you don't set the proxy for FTP to port 21 on the gateway, this FTP proxy is for FTP clients (including command line clients) only, Netscape does not understand how to talk to this proxy. If you are using Microsoft Internet Explorer, you will not be able to get FTP working, as MSIE does not support SOCKS. I am implementing support for FTP in the WWW Proxy server, so MSIE users will have access to FTP.