Knowledgebase: LAN Clients
Client connection methods
Posted by Adrien de Croy (Import) on 18 August 2005 03:43 PM

After TCP/IP is installed on the client machines and IP addressing has been configured, the next step is to choose which connection method your clients will use to access the Internet.

WinGate offers the choice of three different methods that clients on the LAN can use when connecting through WinGate.

These are:

  1. Network Address Translation
  2. Wingate Internet Client
  3. Proxy Method

Follow the links below for instructions on configuring your LAN clients to connect to a WinGate server using:

Network Address Translation (NAT)

NAT is the easiest of the client connection methods to configure and use.

Network Address Translation happens when clients send their Internet requests to the WinGate server.

The WinGate server keeps track of which client is making the request. The WinGate server then makes the request on behalf of the client, out to the location on the Internet using its public IP address (appearing to the outside world as though it is the computer that originated the request.)

When the Web or remote server sends back the information to the public IP address of the WinGate server, the WinGate server translates the address back to the private address of the relevant client on the LAN, and redirects the incoming data back to that client who originally requested the information.

Pros
  • NAT provides fast and seamless low-level sharing of a connection to the internet. It is the simplest approach to sharing an internet connection as all clients Internet requests (regardless of the type of program or activity) are sent to the WinGate server for it to handle on behalf of the client. With little overhead, it is very reliable.
  • It is also extremely flexible as it gives access to a shared Internet connection for any platform that supports TCP/IP (e.g. Windows, Mac, Unix, Linux) unlike the Windows Internet client that can on be installed on a Windows based machine. This makes it ideal when you have non-Windows operating systems on the network that need to use WinGate to access the Internet.
  • Since all Internet requests will be sent to the WinGate (gateway) machine, virtually any TCP/IP based client application (web browsers, mail programs, newsgroups, FTP etc.) should be able to use it without having to configure that application itself.
  • There is no software to install and no applications to configure.
  • With transparent redirection there is easy integration with the power of WinGate proxy services.

Cons

  • Because NAT is implemented as a low-level driver, there may occasionally be some compatibility problems with some hardware.
  • Due to its light weight nature, NAT alone does not allow the access or policy control available when clients are using WGIC, or running applications directly through WinGate proxies. However this can now be alleviated by the use of transparent redirection.

Conclusion

For many, NAT is an excellent choice. It's particularly well-suited to LANs that contain a mix of Windows platform and non-Windows machines. It is also ideal in situations where you dont want to have to install client software or configure individual applications on many different machines.

Click here to return to the top

WinGate Internet Client (WGIC)


The WinGate Internet Client is small application that can be installed on client machines in order to communicate with the WinGate server.

When the WGIC is installed, all network/Internet requests from WinSock based applications (most Windows programs) on the client computer will be intercepted and serviced by the the WinGate Server. This allows administrators to have strong control over what applications clients use to access the Internet, and how they will access the Internet.

Pros

  • Provides tight control over users Internet usage and allows the efficient running of server applications.
  • Provides an elegant way for users to authenticate for Internet usage. It can be configured so the user has to enter username and password the first time they access the Internet making it ideal for tracking and auditing purposes.
  • Allows policy control from just one place in WinGate (the WRP service, which is the service that intercepts the WGIC requests) rather then configuring policies per WinGate service.
  • When used with a WinGate Enterprise licence, WGIC user Internet access and operations can be controlled from a central configuration menu in Gatekeeper on the WinGate server.
  • With the WGIC software packaged in an MSI installer, system administrators in an Active directory can set automatic installation to client machines across the domain.

Cons

  • You have to install client software.
  • Can only be installed to Windows based machines, and used by Winsock based programs.

Conclusion

If you have a small to medium sized LAN of Windows clients or a domain scenario, where control of user Internet applications is required, we recommend using the WGIC.

Click here to return to the top

Proxy

The Proxy connection is one of the most direct client connection methods used by WinGate.

Rather then configuring the client machine to use WinGate for all Internet access, each application on the client machine such as web browser, mail program, chat program etc must be configured individually to connect through WinGate (proxy server) to the Internet.

Most TCP/IP based programs will have an option to use a Proxy server. This is where access through WinGate will need to be configured.

WinGate's specific proxy services (such as HTTP,FTP,Telnet) etc have been specifically designed to handle these types of connections and as such handle the entire connection between the client application and the remote server/site on the Internet.

The WinGate Internet Client and NAT connection methods have decreased the importance of application proxies.

You may still choose to use proxies to exert per-service control over policies, however the advent of transparent redirection means that there is nothing you can do with proxies that you now cannot do with the other two client connection methods.

Pros

  • Since the client application request is handled by the specific WinGate proxy service, it allows you the greatest control over data passing through your network as you can set policies and restrictions etc in the relevant proxy service used in WinGate. Although, with transparent direction, these benefits are now available through NAT and WGIC.

Cons

  • Works only for existing protocols that each Proxy service in WinGate is designed for.
  • If a new protocol is devised and used by a client application, you wont be able to set the application to use WinGate as a proxy server, since there will be no proxy service available in WinGate for it.

Click here to return to the top

(2019 vote(s))
Helpful
Not helpful

Comments (0)