For small and medium-sized enterprises or the company's internal network as well as the Internet, through the Wingate agent to achieve access to the Internet, is an economic and practical program. Wingate's current popular version is WinGate5.0.1, which is divided into simple and professional editions (its free trial version can be downloaded from Internet sites: http://www.wingate.com.cn, etc.). This article will use the most extensive WinGate5.0.1 Professional edition, talk about its configuration and the use of some of the skills in the process. After the WinGate5.0.1 installation is complete, use gatekeeper for configuration and monitoring. Gatekeeper is a powerful remote control and configuration program that enables remote operation of Wingate by establishing an encrypted TCP/IP connection and communicating with the Wingate core engine. There are two ways to install gatekeeper on the client, and after the WinGate5.0.1 installation is complete, copy the following files to a client that requires Wingate remote operations: Gatekeeper.exe,wingate Wingate5.0.1.hlp,wingate wingate5.0.1.cnt, Wingate5.0.1util.exe, Wingate5.0.1auto.ini. Another easier way is to set the Wingate directory on the server to be shared (share properties, such as setting a read-only password, if you need to), and use gatekeeper in file sharing. Wingate itself manages and maintains a user database that stores user and user group information for targeted settings and for individual user log and audit functions. Wingate has the general function of firewall, security policy is complete and flexible, each agent service can be managed independently, authorization can be based on user/group, time or designated workstation address. This means that administrators can specify not only who has certain permissions, but also when and where to access them. The combination of various access restrictions allows administrators to effectively filter and restrict the exchange of information between the intranet and the Internet. The general user mainly uses the WWW Proxy service, in fact Wingate has the very strong proxy function, to the Internet most common network application, Wingate can provide the proxy support. Some applications can tell the gateway which server to connect to (such as IE,CUTEFTP, etc.), but some do not (such as news, email, etc.). If the application cannot tell, the user must configure the mapping agent (Mappingproxy) in Wingate, and in this way, tell Wingate which server to connect to. Although mapping proxies may be somewhat restrictive than other agents, they are simplySingle data through the pipeline. For this reason, you need to specify the target host to connect to when configuring the mapping Agent service, and you can specify a default host and port number. This approach, however, is more generic, providing support for general network applications based on TCP or UDP connections. Sometimes, you want to have a more flexible way of mapping. For example, some users may want to use a news server, while another user may want to use another news server. WinGate2 allows specific mapping links to be provided based on user or workstation addresses, i.e. no default mappings are used for users or workstations that meet the mapping criteria. The wingate_www_proxy_serverwingate WWW Proxy Server is a wingate_www_proxy_server, CERN-compliant HTTP proxy server. It supports HTTP requests, FTP requests, and ssltunneling. The SOCKS server wingate_socks5_proxy_server is a proxy server that follows the SOCKS4 and SOCKS5 (RFC1928) standards. Support RFC1929 authentication (plaintext authentication) by using the Wingate user database. The Wingatesocks server can also recognize HTTP requests and use the built-in Wingate proxy server to handle these requests. Wingate Most proxy services can be cascaded, that is, the front-end of another proxy server of the same type. When used with a Web server on an intranet, there are two ways to change the port of a WINGATEWWW proxy server or to change the Web server port in a better way. When configuring the WWW Proxy service for Wingate WinGate5.0.1, in the Non-proxyrequest (non-proxy request) tab, select: Pipetopredeterminedserver (directed to a pre-set server). In the server item, enter the host name or IP address of the intranet Web server in the enterprise, and enter the port number on which the Web server listens. The WINGATE5.0.1WWW proxy provides an HTTP buffer. HTTP buffering means that the most recently accessed graphics, HTML documents, or other files are stored on the Wingate machine, making it easier to access the next time the LAN user accesses the same content again. In addition, administrators can specify caching rules. The FTP proxy service provides access to the FTP server, but requires the FTP client to be able to use the "username @ hostname" method to access files from a remote FTP server through a firewall, such as using a fairly extensive FTP client program such as Cuteftp,getright. If an FTP server or Web server is installed on the Wingate machine at the same time, you must protectThe corresponding proxy service uses a different port number. This is because, at any one time, only one application on a machine can listen on a specific port. Here are some of the proxy service configurations for widely used internet applications. button, select the "Useruser@site" Item and check the "enablefirewallaccess" box. Note that when setting host properties in its Sitemanager (site manager), you need to select Usefirewall (using a firewall) in its advanced properties. Use the Configuregetright dialog box to configure GetRight. Select the proxy tag, tick the Useproxyserver box, select the Next Level Ftpproxy tab, and enter the host name (or IP address) of the FTP proxy in the Server:port entry: port number, such as: 172.24.156.6:8021. In the otheroptions ... Ftpproxy drop-down menu to select Userwithnologin. When you are done, select the Login tab and in Usernameandpasswordstotrywhenlogin, add one: server/path:*username:anonymous (or available username) Password: Enter the e-mail address or the appropriate password. POP3 e-mail System Agent service POP3 e-mail system, there are two important protocols, one is SMTP, that is, the Simple Mail Transfer Protocol, used to send mail to the mail server, and the other is the POP3 protocol, the Post Office Protocol version 3, used to get mail from the mail server. The WINGATEPOP3 agent can access the POP3 server on the Internet to check for messages, and the SMTP proxy can access the SMTP server to send messages. The following settings POP3 Mail agent service: Enter the POP3 Service Configuration dialog box, enter the POP3 proxy server used by the port number, typically 110 ports, if 110 port has been used by the local POP3 server, you need to assign a separate port to the POP3 proxy server use. The Delimiter (delimiter) defaults to #, and generally does not need to be changed. If the local intranet uses the POP3 server, in the non-Proxy Request tab, you can direct the non-proxy request to the POP3 server on the intranet. Here is a description of the settings for the POP3 mail client in outlookexpress. From the tools item on the OutlookExpress menu bar, select Account, eject the Internet Account dialog box, select the "Mail" tab, and the mail receiving server in the account attribute should enter the host name or address of the Wingate Proxy server. So, for the mail client, PThe OP3 server becomes the Wingate machine, so how do you tell Wingate target POP3 server? Wingate is obtained from the mail client by introducing a separator. In OutlookExpress, the POP3 username should be set to: POP3 User name + separator +POP3 Server (this particular note) SMTP Proxy service is implemented through Tcpmappingservice. In the Wingate setting, add a TCP mapping service into its configuration dialog box. In the Acceptconnectionsonport entry, enter the port number used by the SMTP proxy server, typically using ports 25. If you want to use the default mapping, you can tick the enabledefaultmapping and enter the remote SMTP server address in the server, such as the smtp.163.net of 163, where the port number is entered for ports used by the SMTP server, such as port 25 for 163. In this way, the Wingate SMTP Proxy service is basically set up. If a client wants to access multiple SMTP servers, you need to add the corresponding mapping entry in the Mapping tab, which can be based on the address, user name, or workstation IP address. such as the author of the Ispemail account number: gzgmsdzs@public1.guangzhou.gd.cn, in order to use the account to send email, the author added a map by user name, that is, first set up a Wingate user Gzgmsdzs, and map to the SMTP server public 1.guangzhou.gd.cn (port: 25). With this mapping, when a user Gzgmsdzs to send a message, the WINGATESMTP Proxy server uses public1.guangzhou.gd.cn as the remote SMTP proxy server. The client's settings are simple, and you only need to set the SMTP server to Wingate host name. The news map Agent Internet/usenet News Service uses TCP port 119. So first add a TCP mapping service on the Wingate, accept the connection request on port 119, optionally use the default mapping, and fill in the default mapping server entry with the most frequently accessed news server hostname or IP address, with a port number of 119. When you set up a news account in OutlookExpress, you should set its news server to the address of the Wingate host. The Wingate Mapping service determines the true target news server. To set up multiple news servers, you can set up the mapping table, depending on the workstation host address or user name. Telnet Proxy service Because Telnet is evolving from a command-line based service, for Telnet customers,can be set without special settings. When used first telnet to the WinGate machine, in the prompt state (wingate>) Enter the host name to be logged in, you can attach the port number. If you frequently log on to the same host, you can also configure a fixed mapping link in Wingate to simplify the logon steps. Configuring the ICQ agent on the Wingate, you need to add a UDP mapping service, select the General tab, accept the connection on port 3333, and the default map to the ICQ server icq.mirabilis.com, Port: 4000. ICQ client settings: Run ICQ, click the ICQ button, select Preferences, pop-up a settings window. Set the connection label, select Iamusingapermanentinternetconnection (LAN), and Iambehindafirewallorproxy. Click the Firewall Settings button, select "Iamusingasocks4proxyserver", do not select "Firewallsessionstimeoutafter ..." box, and then click Next to continue setting, Enter the Wingate host name or address within the SOCKS4 host entry, and the port number is set to 1080 (consistent with the Wingate setting). Select Useamappedportonaproxy to enter the Wingate hostname and the port number used by the ICQ agent 3333. Wingate can be encrypted on a mapped link to establish a secure Wingate to the Wingate Mapping Link's data channel. In this way, the enterprise's two internal LANs can be securely transmitted over the Internet. The Wingate dialer is used to manage Internet connectivity. You can configure multiple different ISP accounts. Access can also be limited by user/group, or by other parameters, such as which server the user connects to. By setting the dialing properties of the Wingate and using dial-up to connect to the Internet, you can use an NT dial-up network to set it up automatically, that is, when the client accesses the Internet without the user manually starting the Dial-up service, Wingate automatically uses the NT dialer to dial out and log on to the ISP's host. If a workstation has TCP/IP connectivity through the router and the LAN where the Wingate resides, you can still use Wingate as the proxy server to access the Internet, as appropriate. The point to note is that when you establish a PPP connection with your ISP by dialing, you typically need to use the gateway of the remote network (that is, the ISP) as the default gateway. This way, workstations that are not on the local area network still cannot access the Internet because the route cannot be reached.The workaround is to add a static routing table entry on the Wingate Machine. The routing table is modified by the route command.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.