Sentinel LM problem

jclambert1 · 03-28-2011, 02:03 PM

I am just using Free version for now of untangle 8 for testing.
I put this unit in place between router and internal network. Works great.
Well, that is aside form one thing. I have a Sentinel LM that seems to be somehow blocked by the default configuration (other subnets can no longer get a license from the server). The LM uses: UDP Port 5093
I am using :
Phish
Spyware
Web Lite
Virus
Intrusion
Protocol C
Ad blocker
Attack Blocker

When I remove untangle from the system, it works fine. I have not found this Sentinel LM in any of the logs so far. Any hints?
How would I open UDP 5093? I would expect this under firewall, but I am not using this module.

dmorris · 03-28-2011, 02:15 PM

Hi jclambert. welcome to the forums.

There are no ports closed by default (egress/outbound). You don't need to do anything.
I would start by describing your network configuration and untangle configuration.

jclambert1 · 03-28-2011, 02:59 PM

Untangle is set as bridged mode. Inline between router/firewall and internal switch.
i.e. Internet - Router - Untangle - Switch
Phish Blocker: Scan SMTP (quarantine), Pop3 (Mark), IMAP (Mark)
Spyware Blocker: Blocks Spyware ans Ad URLs, Blocks tracking and ad cookies, block malware activex install
Web Filter Lite: Blocks Proxy and Porn, flags some others
Virus Blocker: scan http, email (remove), scan ftp
Intrusion Prevention:
Protocol Control: none blocked... many logged
Ad Blocker: defaults
Attack Blocker: default
OpenVPN is installed but not configured.

dbunyard · 03-28-2011, 04:36 PM

The interfaces could be switched also.

But a drawing of your network would be very helpful, as Dirk suggested.

jclambert1 · 03-28-2011, 06:54 PM

simple Image attached. The problem exists on connection from switches 1-3. I did not have anything available on switch 4 (Voip only)

dwasserman · 03-28-2011, 06:58 PM

And the problem is with traffic between vlan1 and vlan2?

jclambert1 · 03-28-2011, 07:02 PM

If the interfaces were switched, I would be blocked from accessing the untangle interface (by default) from what is actually an internal IP, right?

dbunyard · 03-28-2011, 07:04 PM

So where does the problem lie in your network? You say from 1-3 but those don't even pass through the Untangle box for access.

jclambert1 · 03-28-2011, 07:07 PM

Quote:

Originally Posted by dwasserman

And the problem is with traffic between vlan1 and vlan2?

Sorry, the problem is from other subnets. Router (shown) connects to other offices via VPN. These locations can no longer see the server hosting the Sentinel LM located on switch 1. Remove Untangle and replace with a Ethernet cable and all works well.

Can't see what's in my brain huh? Sorry, I failed to explain things well enough...

dbunyard · 03-28-2011, 07:18 PM

I'm sorry if I'm seeming ignorant here but I want to make sure I understand your setup. So the problem is the flow of traffic like this, right:
|Remote site|<==>|Internet|<==>|Local Router|<==>|Untangle|<==>|LAN|
The remote sites cannot access a server in the LAN even though a VPN is established to the local router? Sorry for the questions, I just want to make sure I understand.

03-28-2011, 02:03 PM	#1 (permalink)
jclambert1 Newbie Join Date: Mar 2010 Location: Desert Southwest Posts: 10	Sentinel LM problem I am just using Free version for now of untangle 8 for testing. I put this unit in place between router and internal network. Works great. Well, that is aside form one thing. I have a Sentinel LM that seems to be somehow blocked by the default configuration (other subnets can no longer get a license from the server). The LM uses: UDP Port 5093 I am using : Phish Spyware Web Lite Virus Intrusion Protocol C Ad blocker Attack Blocker When I remove untangle from the system, it works fine. I have not found this Sentinel LM in any of the logs so far. Any hints? How would I open UDP 5093? I would expect this under firewall, but I am not using this module.

03-28-2011, 02:15 PM	#2 (permalink)
dmorris Untangle Junkie Join Date: Nov 2006 Location: San Mateo, CA URLs submitted: 10 Posts: 10,613	Hi jclambert. welcome to the forums. There are no ports closed by default (egress/outbound). You don't need to do anything. I would start by describing your network configuration and untangle configuration. __________________ Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

03-28-2011, 04:36 PM	#4 (permalink)
dbunyard Join Date: Nov 2008 Location: Westerville, Ohio, USA Posts: 1,021	The interfaces could be switched also. But a drawing of your network would be very helpful, as Dirk suggested. __________________ Dan You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

03-28-2011, 06:58 PM	#6 (permalink)
dwasserman Join Date: Jun 2008 Location: Argentina URLs submitted: 57 Posts: 3,634	And the problem is with traffic between vlan1 and vlan2? __________________ The world is divided into 10 kinds of people, who know binary and those not

03-28-2011, 07:04 PM	#8 (permalink)
dbunyard Join Date: Nov 2008 Location: Westerville, Ohio, USA Posts: 1,021	So where does the problem lie in your network? You say from 1-3 but those don't even pass through the Untangle box for access. __________________ Dan You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.

Protect

Filter

Perform

Connect

Manage

Add-Ons

03-28-2011, 02:59 PM	#3 (permalink)
jclambert1 Newbie Join Date: Mar 2010 Location: Desert Southwest Posts: 10	Untangle is set as bridged mode. Inline between router/firewall and internal switch. i.e. *Internet - Router - Untangle - Switch* Phish Blocker: Scan SMTP (quarantine), Pop3 (Mark), IMAP (Mark) Spyware Blocker: Blocks Spyware ans Ad URLs, Blocks tracking and ad cookies, block malware activex install Web Filter Lite: Blocks Proxy and Porn, flags some others Virus Blocker: scan http, email (remove), scan ftp Intrusion Prevention: Protocol Control: none blocked... many logged Ad Blocker: defaults Attack Blocker: default OpenVPN is installed but not configured.

03-28-2011, 07:02 PM	#7 (permalink)
jclambert1 Newbie Join Date: Mar 2010 Location: Desert Southwest Posts: 10	If the interfaces were switched, I would be blocked from accessing the untangle interface (by default) from what is actually an internal IP, right?

03-28-2011, 07:18 PM	#10 (permalink)
dbunyard Join Date: Nov 2008 Location: Westerville, Ohio, USA Posts: 1,021	I'm sorry if I'm seeming ignorant here but I want to make sure I understand your setup. So the problem is the flow of traffic like this, right: \|Remote site\|<==>\|Internet\|<==>\|Local Router\|<==>\|Untangle\|<==>\|LAN\| The remote sites cannot access a server in the LAN even though a VPN is established to the local router? Sorry for the questions, I just want to make sure I understand. __________________ Dan You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either.