After TCP/IP is installed on the client machines and IP addressing has been configured, the next step is to choose which connection method your clients will use to access the Internet.
WinGate offers the choice of three different methods that clients on the LAN can use when connecting through WinGate.
- Network Address Translation
- Wingate Internet Client
- Proxy Method
Follow the links below for instructions on configuring your LAN clients to connect to a WinGate server using:
Network Address Translation (NAT)
NAT is the easiest of the client connection methods to configure and use.
Network Address Translation happens when clients send their Internet requests
to the WinGate server.
The WinGate server keeps track of which client is making the request. The WinGate
server then makes the request on behalf of the client, out to the location on
the Internet using its public IP address (appearing to the outside world as
though it is the computer that originated the request.)
When the Web or remote server sends back the information to the public IP address
of the WinGate server, the WinGate server translates the address back to the
private address of the relevant client on the LAN, and redirects the incoming
data back to that client who originally requested the information.
- NAT provides fast and seamless low-level sharing of a connection to the
internet. It is the simplest approach to sharing an internet connection as
all clients Internet requests (regardless of the type of program or activity)
are sent to the WinGate server for it to handle on behalf of the client. With
little overhead, it is very reliable.
- It is also extremely flexible as it gives access to a shared Internet connection
for any platform that supports TCP/IP (e.g. Windows, Mac, Unix, Linux) unlike
the Windows Internet client that can on be installed on a Windows based machine.
This makes it ideal when you have non-Windows operating systems on the network
that need to use WinGate to access the Internet.
- Since all Internet requests will be sent to the WinGate (gateway) machine,
virtually any TCP/IP based client application (web browsers, mail programs,
newsgroups, FTP etc.) should be able to use it without having to configure
that application itself.
- There is no software to install and no applications to configure.
- With transparent redirection there is easy integration with the power of
WinGate proxy services.
- Because NAT is implemented as a low-level driver, there may occasionally
be some compatibility problems with some hardware.
- Due to its light weight nature, NAT alone does not allow the access or policy
control available when clients are using WGIC, or running applications directly
through WinGate proxies. However this can now be alleviated by the use of
For many, NAT is an excellent choice. It's particularly well-suited to LANs
that contain a mix of Windows platform and non-Windows machines. It is also
ideal in situations where you dont want to have to install client software or
configure individual applications on many different machines.
Click here to return to the top
WinGate Internet Client (WGIC)
The WinGate Internet Client is small application that can be installed on client
machines in order to communicate with the WinGate server.
When the WGIC is installed, all network/Internet requests from WinSock based applications (most Windows programs) on the client computer will be intercepted
and serviced by the the WinGate Server. This allows administrators to have strong
control over what applications clients use to access the Internet, and how they
will access the Internet.
- Provides tight control over users Internet usage and allows the efficient
running of server applications.
- Provides an elegant way for users to authenticate for Internet usage. It
can be configured so the user has to enter username and password the first
time they access the Internet making it ideal for tracking and auditing purposes.
- Allows policy control from just one place in WinGate (the WRP service,
which is the service that intercepts the WGIC requests) rather then configuring
policies per WinGate service.
- When used with a WinGate Enterprise licence, WGIC user Internet access
and operations can be controlled from a central configuration menu in Gatekeeper
on the WinGate server.
- With the WGIC software packaged in an MSI installer, system administrators
in an Active directory can set automatic installation to client machines across
- You have to install client software.
- Can only be installed to Windows based machines, and used by Winsock based
If you have a small to medium sized LAN of Windows clients or a domain scenario,
where control of user Internet applications is required, we recommend using
Click here to return to the top
The Proxy connection is one of the most direct client connection methods used
Rather then configuring the client machine to use WinGate for all Internet
access, each application on the client machine such as web browser, mail program,
chat program etc must be configured individually to connect through WinGate
(proxy server) to the Internet.
Most TCP/IP based programs will have an option to use a Proxy server. This
is where access through WinGate will need to be configured.
WinGate's specific proxy services (such as HTTP,FTP,Telnet) etc have been specifically
designed to handle these types of connections and as such handle the entire connection
between the client application and the remote server/site on the Internet.
The WinGate Internet Client and NAT connection methods have decreased the importance
of application proxies.
You may still choose to use proxies to exert per-service control over policies,
however the advent of transparent
redirection means that there is nothing you can do with proxies that you
now cannot do with the other two client connection methods.
- Since the client application request is handled by the specific WinGate
proxy service, it allows you the greatest control over data passing through
your network as you can set policies and restrictions etc in the relevant
proxy service used in WinGate. Although, with transparent direction,
these benefits are now available through NAT and WGIC.
- Works only for existing protocols that each Proxy service in WinGate is
- If a new protocol is devised and used by a client application, you wont
be able to set the application to use WinGate as a proxy server, since there
will be no proxy service available in WinGate for it.
Click here to return to the top