AnyRouter Tech, Tup Software Ltd.
___________________________________________________________________________________________________
User’s
Manual
TupGate (Windoor) 2.0
Last
revised: September of 2006
WWW.TUPSOFT.COM
Contents
1 Introduction
TupGate is an NAT router with DNS forwarding and proxy functions for Internet connection sharing, Internet activity monitoring, and web access control. It supports the modem, xDSL, and broadband connections with configurationless installation.
More
specifically, the main functions of TupGate 2.0 can be summarized as follows:
²
Internet connection
sharing: TupGate is a NAT gateway providing the whole LAN with a single Internet
connection, while automatically functioning as a firewall to isolate the LAN
from external hacking assaults; It can automatically detect the Internet
connection and dial in if necessary; It has a built-in DNS forwarder and
supports single NIC-based Internet connection sharing.
²
Port mapping: TupGate
supports port mapping for reverse proxy services so as to provide Web-based
applications to the Internet.
²
Internet activity
monitoring: TupGate logs URL visits, Emails, chats, games, FTP, and data flows.
²
Web access control:
TupGate freely block/filters the Internet access at three different levels,
i.e., for an individual host, a workgroup, or the whole network, in specific
time periods, with preset blocking lists. It controls the web access at the
port level for TCP/UDP protocols.
²
IP and MAC address
locking.
²
PC host
administration: Automatically resolving computer names and easily grouping
hosts into different classes for better workgroup administration.
² The miscellaneous: (A) Client/Server model, i.e., separation of the server and client program for multiple operator access and level control and possible remote access for static IP; (B) Platform-independent tracking (including Unix, Linux, and Macintosh); (C) Monitoring unlimited IP segments; (D) Password protection of the consoles; and (E) Intervention-free running in the background.
2 Operation
To run TupGate properly, you must do the
following three things:
²
Installing TupGate at
the LAN gateway (for example, the PC host directly connected to the Internet,
such as the one using ADSL dial-in).
²
Setting up the
external network adaptor for TupGate, i.e., the server configuration.
²
Assigning the default
gateway and DNS server for other PC hosts on the LAN, i.e., the client
configuration.
There are several things you should know when you install
TupGate:
²
Since a virtual NIC
(network interface card) is created for the operation of TupGate, the
uninstallation will be completed only after restarting the PC host. Therefore,
before you reinstall a new version of TupGate, you must restart the computer to
take effect.
²
When installing
TupGate, a warning window might pop up stating that the software has not passed
Windows Logo testing to verify its compatibility. Just single-click the
“Continue Anyway” button each time the “Hardware
Installation” warning appears until the end of installation.
²
If you have installed
a firewall, make sure that ArServer.exe and ArConsole.exe are allowed.
²
After the installation,
check whether the correct external NIC is selected, otherwise, TupGate will not
work properly.
2.1 Installing TupGate System
The minimum hardware requirements: CPU
Pentium III at 800 MHz/Memory 512 MB/Free Hard Disk Space 10 GB.
Operation System: Windows
2000/XP/Windows 2003
LAN requirements: TupGate must be
installed on a PC that is connected to the Internet and is visitable by other
PC hosts on the LAN. The Internet connection can be one of dial-up, DDN, ADSL,
and cable broadband. Since TupGate supports single-NIC-based Internet
connection sharing, only one network adaptor is required for the server.
Go to http://www.tupsoft.com/
and download the newest version of TupGate (TupGate). Double-click the
installation package and follow the instructions. During the installation, a
warning window might pop up indicating the software has not passed Windows Logo
testing to verify its compatibility. Just single-click the “Continue
Anyway” button each time it appears to the end of installation.
TupGate consists of three parts: 1)
TupGate drivers; 2) TupGate Service; and 3) TupGate Console. The drivers
perform routing and address analysis tasks including access control, port
mapping, and so on; TupGate Service logs Internet activities; and TupGate
Console is the interface of management in which all the configuration and
settings can be done for TupGate Service. After you start the console, a
TupGate icon will appear inside Windows toolbar.
You can close the console after you finish the configuration. The closure does not stop the TupGate server; You can also manually stop the server from Services in the Administrative Tools dialog from the Windows Control Panel (TupCaptureService). Even if the service is stopped, the whole computer system itself will work without any problems.
2.2 Configuring the Server
2.2.1 LAN Configuration
To sharing the Internet
connection using TupGate, you should first interconnect the PC hosts on a LAN.
If your local network has been set up already and the other PC hosts can access
the Internet via the machine on which TupGate has been installed, then you can
skip this section and go directly to the section of TupGate Configuration.
We assume that all the PC
hosts have been physically connected together by cables and only explain how to
configure the IP addresses on the LAN (using Windows 2000 as an example).
Right-click the mouse at
“Network Neighbors” on the desktop, select
“Properties,” open the dialog window, double-click “Local Connection,”
and select “Properties,” a dialog window will appear as shown
below.
Find the “Internet
Protocol (TCP/IP)” item, and click “Properties” to show the
following screen.
Select “Use the
following IP address,” input an IP address that is not yet used by the
other hosts (For example, 192.168.2.1 with subnet 255.255.255.0), and click
“OK” to finish.
Accordingly, for the network
segment of 192.168.2.x, you can assign different IP addresses to other hosts
such as 192.168.2.2, 192.168.2.3, …
After setting up the IP
addresses, you can click “Network Neighbors” to see whether you can
see the other PCs. If not, you can temporarily shut the firewall, and input the
MS-DOS commend “ping.” For instance, when you input “ping
192.168.2.2” on the 192.168.2.1 host, the following messages will appear
if they are inter-visitable.
Reply from 192.1168.0.2: bytes=32
time<10ms TTL=225
Reply from 192.1168.0.2: bytes=32
time<10ms TTL=225
Reply from 192.1168.0.2: bytes=32
time<10ms TTL=225
Reply from 192.1168.0.2: bytes=32
time<10ms TTL=225
Otherwise,
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Then please check the cable
wiring.
2.2.2 TupGate Configuration
In its first running,
TupGate should select an external NIC for the server. The external NIC is the
network adaptor connected to the Internet. It might be a physical NIC or
virtual one for ADSL dial-in, for instance.
In the above figure, if 192.168.1.3
is the one for the Internet connection, double-click the item and it will turn
into boldface. At the same time, you also need to input the external IP address
as shown above. Generally, if there is only one IP address in the list (it
might be 0.0.0.0), TupGate will automatically select that one as the external
IP.
If you are using ADSL
for Internet connection, before you dial in the IP address corresponding to the
ADSL NIC will be set as 0.0.0.0. After you had dialed in, TupGate will
automatically detect and show the assigned IP address.
Note: If you use ADSL
dial-in, TupGate should be on the PC host with ISP software installed and the
external NIC be “ADSL/Dial-in.”
2.3 Configuring the Clients
In order to use TupGate as
the proxy server, you should assign the default gateway IP and DNS server for
the clients. Right-click “Network Neighbors” on the desktop and
select “Properties;” open the network dialog window, double-click
“Local Connection,” and then select “Properties;” find
“Internet Protocol (TCP/IP)” and click “Properties;”
and input the IP of the host on which TupGate is installed to the right of
Default Gateway (192.168.0.1 in this example).
|
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
NAT Gateway |
|
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
Proxy Server |
|
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
NAT Router |
|
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
DNS Forwarding |
|
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
Port Mapping |
|
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
Reverse Proxy |
|
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
Internet Connection Sharing |
|
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
Internet Activity Monitoring |
|
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
Parental Internet Monitoring |
|
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
Internet Filtering |
|
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
Internet Activity Statistics |
|
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
Employee Internet Management |
|
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
Web Access Control |
|
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
Online Restriction |
|
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
Network Monitoring |
|
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
URL Block |
|
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
Email Capture |
|
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
Chat Log |
|
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
MSN Recorder |
|
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
Yahoo Messenger Sinffer |
|
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
Skype Logger |
|
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
Computer Activity Log |
|
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
Real Time Monitoring |
|
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
Screen Tracking |
|
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
Software Compliance |
|
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
Data Protection Security |
|
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
Acceptable Computing |
|
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
Employee Investigative Operation |
|
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
Switch Sniffer |
|
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
Packet Sniffing |
|
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
Ethernet Capture |
|
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
Network Tap |
|
MITM |
MITM |
MITM |
MITM |
MITM |
MITM |
MITM |
MITM |
MITM |
MITM |
|
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
ARP Poisoning |
|
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
ARP Spooling |
|
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
MAC Flooding |
|
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
Promiscuous Mode |
|
|
|
|
|
|
|
|
|
|
|