firewall configuration not working.
maxosx
09-19-2008, 06:19 AM
I closed all firewall ports and configured an allow rule for the port I want to access, but it seems like it doesn't work. Anyone got any idea what's wrong?? :worship:
It's probably the firewall rule, but you didn't post it for us to tell you for sure.
maxosx
09-21-2008, 08:51 PM
By default the Untangle firewall has all ports open and blocks the unwanted ones...
I would like to close all firewall ports and allow only port 80 to access. In my firewall rule I enabled the rule for port 80 to access the internet, but it seems like it's not working. Is there any other setting that we need to configure?
Post screenshots. A picture is worth a thousand words. Also tell us whether Untangle is a bridge behind another device (in that case, info is needed there too) or is your router.
Inspiron
09-21-2008, 09:12 PM
Did you set Port Forwarding to direct the outside port 80 traffic to an internal IP address?
Are you referring to outside traffic coming to YOUR internal web server, or YOUR users going to external web sites? If it is your users, make sure your firewall rule says destination port=80 and source port=any.
MCSolutions03
09-24-2008, 10:07 AM
I am having the same problem. Here is my situation.
I have an Untangle box as my main gateway (eth0 plugged right into the cable modem and eth1 is the LAN). I have installed all free modules and turned most of them on (did not turn on protocol control). Everything is working fine, including all of the port forwards I have set up. I have tried to set port 80 on the firewall module and then turn it to default block. When I do this, there is no internet access. I have posted a screenshot.
http://img440.imageshack.us/img440/898/newbitmapimagedp1.png
sky-knight
09-24-2008, 10:15 AM
MCSolutions03 Welcome to the forums...
Thank you for the screenshot; it paints a wonderful picture. Your firewall rules are malformed. ;)
Each and every one of those rules has incorrect source port values. Therefore the traffic isn't being matched, and it isn't being passed. Also, client interface and server interface need to be configured properly. Most of the time, this means client interface is internal, and server interface is external. Just think about which interface the client or server is closest to.
So again, configure client interface, configure server interface, and reset your source port to be any, or 1024-65535 and you should be good.
Looks like I need to revisit my standard answer here...ANY is only a valid answer when ANY is the only true answer. You must specify what interface is for the server and what interface is for the client. Also, anything destined for a port 80 NEVER comes from a port 80. In that case, ANY is a valid answer for source port.
MCSolutions03
09-25-2008, 12:38 PM
Ok, I get it now. Sorry for the confusion, and sorry for posting again; for some reason my post wasn't showing up on the page, so I thought it didn't go through and did it again.
MC,
Your post did not show up in my browser either... I get an email for every forum post that is made, so I knew it was made. Your browser cache (particularly IE's) keeps the old page, so you need to refresh to see additional entries.
MCSolutions03
09-25-2008, 12:46 PM
How do these look?
http://img518.imageshack.us/img518/4851/ftprulesxr0.png
You're getting there, but I would look carefully at wherever you use the word ANY. ANY is vague, and often implies lack of understanding or trying to use a shortcut. Example is rule #7... are you saying that you want your internal users to be able to access external web sites, or that you want external users to be able to access internal web sites? If you change your mind, will you cut off access to everyone while you are making your change? You are also allowing unlimited SSH access. Also, you should have a BLOCK ALL rule at the bottom of the list. Using a default block-all rule does not log any attempts to access your network, but putting a block-all rule in the rule list does. That rule MUST be at the bottom of your list, or it takes priority over any pass rules. You ARE on the right track... keep going!
P.S. The goal in picking these apart is not to irritate you... it's to help you build a more secure network. Just wanted you to know that so you don't take the comments wrong.
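The three points the replies above keep coming back to (a source port of 80 on an outbound web rule never matches, an ANY interface on an SSH rule lets the outside in, and a logging block-all rule only works if it sits at the bottom) are easiest to see by walking packets through an ordered rule list. The following is an added example, not Untangle's code or anything posted in this thread: a deliberately small first-match rule evaluator with constructed sample packets. It assumes, as the thread's advice implies, that rules are evaluated top to bottom with the first match deciding, and that the implicit default action logs nothing. The interface names, ports and rule names are illustrative.

```python
"""First-match firewall rule model (added example, not Untangle's implementation).

Shows why "source port 80" never matches a LAN user browsing the web, why an
ANY-interface SSH rule admits outside probes, and why a logging block-all rule
must be the LAST entry in the list.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    client_iface: str   # interface the client sits behind ("internal" or "external")
    server_iface: str   # interface the server sits behind
    proto: str
    src_port: int
    dst_port: int


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                          # "pass" or "block"
    client_iface: Optional[str] = None   # None means ANY
    server_iface: Optional[str] = None   # None means ANY
    proto: Optional[str] = None          # None means ANY
    src_port: Optional[range] = None     # None means ANY
    dst_port: Optional[range] = None     # None means ANY
    log: bool = False

    def matches(self, p: Packet) -> bool:
        return (self.client_iface in (None, p.client_iface)
                and self.server_iface in (None, p.server_iface)
                and self.proto in (None, p.proto)
                and (self.src_port is None or p.src_port in self.src_port)
                and (self.dst_port is None or p.dst_port in self.dst_port))


def evaluate(rules: List[Rule], p: Packet, log: List[str]) -> str:
    """Walk the list top to bottom; the first matching rule decides.
    Falling off the end hits the default action, which logs nothing."""
    for r in rules:
        if r.matches(p):
            if r.log:
                log.append(f"{r.name}: {r.action} {p.proto} "
                           f"{p.client_iface}:{p.src_port} -> {p.server_iface}:{p.dst_port}")
            return r.action
    return "block"   # assumed default-block, unlogged


# Constructed sample traffic; not captured from any real network.
WEB_OUT = Packet("internal", "external", "tcp", 51234, 80)   # LAN user browsing
SSH_IN = Packet("external", "internal", "tcp", 40001, 22)    # outside host probing SSH

TCP_80 = range(80, 81)
TCP_22 = range(22, 23)
EPHEMERAL = range(1024, 65536)   # the "1024-65535" source range suggested in the thread


def malformed_rules() -> List[Rule]:
    # Source port 80 on an outbound web rule: the browser never sends from port 80.
    return [Rule("web-out", "pass", "internal", "external", "tcp",
                 src_port=TCP_80, dst_port=TCP_80)]


def corrected_rules() -> List[Rule]:
    return [
        Rule("web-out", "pass", "internal", "external", "tcp",
             src_port=EPHEMERAL, dst_port=TCP_80),
        Rule("block-all", "block", log=True),   # last: records everything that fell through
    ]


def shadowed_rules() -> List[Rule]:
    # Same two rules with block-all moved to the top: it matches first and wins.
    return corrected_rules()[::-1]


def ssh_any_rules() -> List[Rule]:
    # ANY client/server interface on SSH: external probes pass just like LAN logins.
    return [Rule("ssh", "pass", proto="tcp", dst_port=TCP_22),
            Rule("block-all", "block", log=True)]


def run_scenarios() -> dict:
    """Return {scenario: (verdict, number_of_log_lines)} for each rule set."""
    results = {}
    for label, rules, pkt in [
        ("malformed_web", malformed_rules(), WEB_OUT),
        ("corrected_web", corrected_rules(), WEB_OUT),
        ("corrected_ssh_probe", corrected_rules(), SSH_IN),
        ("shadowed_web", shadowed_rules(), WEB_OUT),
        ("ssh_any_probe", ssh_any_rules(), SSH_IN),
    ]:
        log: List[str] = []
        verdict = evaluate(rules, pkt, log)
        results[label] = (verdict, len(log))
    return results


if __name__ == "__main__":
    for name, (verdict, logged) in run_scenarios().items():
        print(f"{name:22} verdict={verdict:5} logged={logged}")
```

Running it reproduces the thread's diagnosis: the malformed rule blocks the LAN user silently (default block, nothing logged), the corrected list passes browsing and logs the SSH probe as blocked, moving block-all to the top blocks browsing as well, and the ANY-interface SSH rule lets the outside probe straight through.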