Private versus Public IP addresses
Posted by Adrien de Croy (Import) on 24 November 2003 01:57 PM
WinGate is a proxy server and as such handles Internet requests on behalf of clients on the local area network. Because these clients will never directly access the Internet, they are assigned (either statically or through WinGate’s DHCP) an IP address called a private class IP address.
Because WinGate acts as the proxy for all of the clients’ Internet requests, the entire LAN needs only one public (external) IP address, the one on the WinGate server’s Internet connection/interface, to reach the Internet.
According to RFC 1597, there are three sets of private class IP address ranges that can be used when addressing machines on the LAN. These are:
What is special about private class IPs is that they are often called non-routable IPs: if a user attempts to use such an address directly on the Internet, it will not be forwarded by routers on the Internet.
WinGate handles these IP address ranges in accordance with RFC 1597 and so is able to distinguish whether an IP is private or public; e.g., IP address 192.168.4.55 would be deemed private.
When the WinGate engine first starts, it scans all of its available network interfaces for IP addresses. After determining whether these addresses are public or private, it determines their usage and therefore which services they should be bound to, whether they should be firewalled, etc. This in turn helps WinGate determine which interface links it to the LAN and which interface links it to the Internet.
This is an extremely important point to understand: in order to function correctly, WinGate must determine whether each IP address/network interface is private or public, trusted or untrusted.
You can check the usage of the network interfaces found on the WinGate server by selecting the Network tab in GateKeeper. The adapter usage will be shown as Internal or External.
Of course these settings can be overridden, so that a public (external) IP can be trusted or considered local. However, administrators should be aware of the possible security and configuration problems that may arise from this type of use.
To change the adapter usage, double-click the adapter; this will open a properties dialogue box. Change the setting from "Auto Detect" to the appropriate setting.
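The private/public decision and the override risk described above can be checked outside GateKeeper. The following is an added example, not WinGate's own code or detection logic: it tests addresses against the three RFC 1597 ranges and lists adapters whose manual usage setting disagrees with what the address implies. The adapter names, the sample addresses and the function names are assumptions made for illustration.

```python
import ipaddress

# The three private ranges defined by RFC 1597 (carried forward in RFC 1918).
# Listed explicitly because Python's built-in is_private covers more ranges.
RFC1597_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True if addr (dotted-quad string) falls in an RFC 1597 range."""
    ip = ipaddress.IPv4Address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in RFC1597_NETS)

def detected_usage(addr):
    """Usage implied by the address alone: private -> Internal."""
    return "Internal" if is_private(addr) else "External"

def audit(adapters):
    """Return (name, addr, note) for each adapter whose manual setting
    disagrees with the usage its address implies."""
    findings = []
    for name, addr, setting in adapters:
        expected = detected_usage(addr)
        if setting in ("Auto Detect", expected):
            continue  # nothing overridden, or override matches the address
        if expected == "External":
            note = "public address treated as Internal (trusted)"
        else:
            note = "private address treated as External (untrusted)"
        findings.append((name, addr, note))
    return findings

# Constructed sample data: (adapter name, IP address, usage setting).
ADAPTERS = [
    ("LAN",  "192.168.4.55", "Auto Detect"),
    ("WAN",  "203.0.113.10", "Auto Detect"),
    ("DMZ",  "203.0.113.20", "Internal"),   # public address marked trusted
    ("Lab",  "172.32.0.1",   "Internal"),   # just outside 172.16.0.0/12
    ("Mgmt", "10.1.2.3",     "External"),
]

if __name__ == "__main__":
    for finding in audit(ADAPTERS):
        print(*finding, sep="  ")
```

The "Lab" entry shows a common slip: 172.32.0.1 looks like a private address but lies outside the 172.16.0.0 to 172.31.255.255 range, so marking it Internal trusts a public address.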