Wingate not intercepting proxy requests when dial-up connection is active

[Onyx Elverstin]

Win2K, Sygate Personal Firewall Pro, Wingate 5;
Wingate not intercepting proxy requests when dial-up connection is
active

I posted this earlier to comp.security.firewall, but then I guess it
was the wrong place.

Windows 2000 SP4: First installed Sygate Personal Firewall Pro 5.1,
then installed Wingate 5.

All working fine, browsing the net with IE is improved ;].

(I am positive that Wingate *is* proxy-caching, cause I can see the
activity in Gatekeeper.)

However: In SPF, in the status window for Running Applications, the
various data counters (Incoming, Outgoing etc.) do NOT show packets
as being transfered from Wingate, but rather from Internet Explorer.

Is this right ? Shouldnt it be Wingate ?


TIA,
OE

Actually I was wrong about:

(I am positive that Wingate *is* proxy-caching, cause I can see the
activity in Gatekeeper.)

[Though there *is* activity when I am NOT connected to the internet,
this stops as soon as I get connected; and IE packets bypass
Wingate.]


After a "route print" command, I figure that..
Internet Explorer is sending packets to the default route 0.0.0.0/0
(the PPP/SLIP interface or dial-up adapter), being intercepted by SPF.

Various configurations of the proxy settings in IE and many stops and
restarts of the Wingate engine later and I am.. feeling sleepy.. =]

Now, I need to know how to configure the machine to do what I
want, and that is, have Wingate to do what it is supposed to do in the
first place.

Let me add that the modem is installed on the same machine and there
is no LAN card installed.

Can anyone help?

In crucial anticipation..
OE

 

[Onyx Elverstin]

What OS is running on the client? For W2k/XP, the proxy settings are
connection dependant. You need to set them for each connection separately.

From Internet Options, select the dialup connection and click settings.
Put the proxy server IP address in here for the dialup.

I don't think you understood the problem.

* The machine is a standalone, with a modem dial-up connection to the
ISP. Yes, it's running W2k.
* There is absolutely no LAN card.
* The IP and DNS addresses are assigned dynamically upon connection.

What I want to do is use Wingate as a proxy cache on this setup to
improve perfomance for web browsing. Here, I am stumped, because once
connected, the HTTP requests bypass Wingate and go directly to the
dial-up interface. <--- I can see this from my firewall (SPF Pro).

I know it has got something to do with manually altering the routing
table or worse, or maybe configuring Wingate in a *special* way, but
I just can't get it..

There must be somebody who has done this before..

exasperated..
ND

 

[Onyx Elverstin]

Not having seen the post with your original question - I will outline what
you need to do in the "special" wingate way
- In wingate - set up WWW Proxy service to accept requests on a port - say
80
- Allow connection to this service only on 127.0.0.1 (for standalone PC)
- Set wingate dialer service up to dial your ISP using your (already
configured) dial-up connection
- in Wingate -> System, make sure the caching properties are configured ok
- Set your internet explorer proxy settings to point to (for a stand alone
PC) 127.0.0.1 and port 80 (or whatever the WWW Proxy service is listening
on)
- In internet explorer set Tools->Internet Options->Connections->Never dial
a connection

and you should be all set...

Cheers

Hi

Thanks for replying.
I tried what you said and faced additional 'issues':

1) It drops the connection while trying to connect. Must be something
to do with security and Win2k. I connected manually as usual.

2) WWW Service does not 'bind' to the 127.0.0.1 interface, everything
is set up right.

3) I guess I have to get myself a NIC, because thats (IMO) the only
way Wingate will bind on an interface.

Thanks anyway..
ND

 

[Onyx Elverstin]

Hi

Thanks for replying.
I tried what you said and faced additional 'issues':

1) It drops the connection while trying to connect. Must be something
to do with security and Win2k. I connected manually as usual.

2) WWW Service does not 'bind' to the 127.0.0.1 interface, everything
is set up right.

3) I guess I have to get myself a NIC, because thats (IMO) the only
way Wingate will bind on an interface.

Thanks anyway..
ND

Hi again,

I managed to get Wingate to dial successfully.

But the problem (and a big problem) remains in that, once the
dial-up connection is active, Internet Explorer (or any other program
for that matter) stops routing packets through Wingate, and instead
sends packets directly to the dial-up interface route.

[------
This is confirmed by looking in the History pane:
* When not connected: Can see request activity
* When connected: Cannot see any activity
and also:
*My firewall reports that Internet Explorer is trying to connect to
xyz..
-----]


ND

 

[Onyx Elverstin]

I managed to solve the problem..
Your earlier post gave me the clue:
In IE, the proxy server address and port has to
be set for the connection that you are using, EVEN IF
'Never dial a connection' is not checked...

Thanks anyway everyone =] ..

ND

 

[Pariah]

Your earlier post gave me the clue:
In IE, the proxy server address and port has to
be set for the connection that you are using, EVEN IF
'Never dial a connection' is not checked...

Thanks anyway everyone =] ..

ND

Glad to have been of help.
cheers