I've been running untangle gateway in the home and am receiving all of the obvious benefits of it...especially when there are four teenage boys in play here.

I recently added the Policy Manager module, created multiple racks, and custom policies. I'm not getting any hits thru these policies.

My end goal is to:
1. Time based controls. Custom policy which can be applied to each boy. Access by time is sometimes different depending on priveleges earned. Then I want all boys internet blocked from 10 pm - 6 am each day.
2. Web Filtered content that is age appropriate.
3. Block wireless access for some users or by time

What I have done so far.
1. Created a Rack for each kid.
2. Created a custom policy for each kid.


I'm using Untangle version: 5.3.0~svn20080624r16905release5.3-1sarge

I've added a few customizations:
- Wireless access point
- Ntop
- System Info Tab in alpaca.

Any ideas.

Can you post a screenshot of your policy rules?

Follow these links. I'll take them down once we are finished.
(image links removed)

Looks good at first glance.
I'd remove each extra qualifier until you can get it to match.

For example. Set client and server interfaces to "ANY"
then try again.
The set it to all days
then try again.
then set it to all times
then try again.

eventually you'll be able to narrow it down to which qualifier is causing the sessions to not go to the correct rack.

Would the hits/no hits show up in a logfile somewhere?

Would the hits/no hits show up in a logfile somewhere?

You can hit a website, and then check the eventlogs in each of the web filter.
If its in the eventlog in teh web filter in the default rack then its going to that rack

Thanks for your help. I set both interface fields to "any". This seems to work. If I set Internal or External to something other than "any" the policy would not fire.

So to clean up this discussion a bit....I created a custom rack for each kid in the house, one for "Wide Open", and one for Printers and Other devices like sat receivers.
Kid1 (06:00 - 21:30)
Kid2 (06:00 - 21:30)
Kid3 (06:00 - 21:30)
Wide Open (06:00 - 23:59)
Other Devices (all day)

Content is filtered pretty tight for the kid racks. You might ask why create a rack for each kid? There are occassions when privileges need to be revoked for any one of them at any given time. I've found internet blocking is a huge incentive.

I set the Default Rack to fire (all day) with a simple firewall rule to block all. This policy will fire any time outside of the time set for the other rules.

Thanks for your help dmorris. I'll do a bit more research on the internal/external settings in the policy manager.

Jeff

Are you using an AD Directory or just the Local User's for identifying the different users?

Are you using an AD Directory or just the Local User's for identifying the different users?

Using local users in the policy manager actually does nothing (it will never match). In the next version we no longer let you choose them in the policy rule because of this.

Thank you dmorris

Is there a connector like in the ISA Server that can be loaded onto each computer?

Reason I ask is in many homes a computer can be used by more than one person so limiting to IP will not always produce the proper results.