No traffic after putting UT into production

neiby · 07-10-2009, 01:29 PM

I ran into a snag while moving UT into production. I couldn't access anything beyond UT once I had it connected. Here is my current network:

6509 --> Cisco FW --> 3560 --> Internet

I have UT configured in bridge mode. External NIC is set to dynamic and I have a reservation in DHCP for it. Internal is set to bridge. It was working during testing, but my test configuration just had it sitting between a laptop and the 6509.

So, I moved the UT boxed into production by inserting it in between the 6509 and the firewall. After doing that, I could reach UT but I could not get past it.

6509 --> UT --> FW etc...

The external NIC was connected to the firewall, the internal NIC to the 6509.

Any thoughts?

dmorris · 07-10-2009, 01:37 PM

run through all the normal test:

from untangle, can you ping the gateway
from untangle, can you ping 4.2.2.1
from untangle, can you ping google.com
from untangle, can you browse to google.com
from behind untangle, can you ping untangle
from behind untangle, can you ping the gateway
from behind untangle, can you ping 4.2.2.1
from behind untangle, can you ping google.com
from behind untangle, can your browse to google.com

neiby · 07-10-2009, 01:40 PM

I'll hook it up again and let you know! Hopefully, I'm not making too many people here angry by interrupting their web surfing. :-)

WebFooL · 07-10-2009, 01:41 PM

And configure the computer behind untangle with static ip.
(or make sure that you get one from the dhcp)

neiby · 07-10-2009, 02:00 PM

Quote:

Originally Posted by WebFooL

And configure the computer behind untangle with static ip.
(or make sure that you get one from the dhcp)

I don't have a single computer behind UT, I have a whole network.

neiby · 07-10-2009, 02:01 PM

I put it back in place, but then realized that I hadn't permanently enabled the SSH server, so I couldn't access it to do the tests. I'm really rusty on my unix. I seem to recall that I have to add it to some startup script. How do I do that?

Thanks!

dmorris · 07-10-2009, 02:03 PM

just hookup the mouse and keyboard.

i always recommend those anyway

neiby · 07-10-2009, 02:06 PM

Quote:

Originally Posted by dmorris

just hookup the mouse and keyboard.

i always recommend those anyway

I can do that later when we have UT running on a permanent server connected to a KVM. Right now, it's just running on a really fast PC while we do more in-production testing. It's sitting on a shelf with some other equipment. I don't really have a place for the keyboard, mouse and monitor.

I'd rather use SSH anyway. That would save me from running back and forth between my desk and our data center. I already feel like a basketball player running suicides in practice, as much as I'm running back and forth! lol

How do I permanently enable SSH?

Thanks!

neiby · 07-10-2009, 02:12 PM

Ah, it turns out that I had added ssh to the startup using "update-rc.d ssh defaults" yesterday. So, there must be some other problem.

When it's sitting here at my desk, as it is now, I'm connecting via SSH through the external NIC. When it's in place in production, I'm connecting through the internal NIC. However, UT was denying me a connection. I wonder why.

neiby · 07-10-2009, 02:21 PM

I just reconnected to UT (at my desk) through the internal NIC via SSH with no problem. I must have done something wrong earlier. I thought I had been getting a connection refused message. I probably did something wrong because I was stressing about it. lol I'll give it another shot in a few minutes and see what's up.

07-10-2009, 01:29 PM	#1 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 598	SOLVED: No traffic after putting UT into production I ran into a snag while moving UT into production. I couldn't access anything beyond UT once I had it connected. Here is my current network: 6509 --> Cisco FW --> 3560 --> Internet I have UT configured in bridge mode. External NIC is set to dynamic and I have a reservation in DHCP for it. Internal is set to bridge. It was working during testing, but my test configuration just had it sitting between a laptop and the 6509. So, I moved the UT boxed into production by inserting it in between the 6509 and the firewall. After doing that, I could reach UT but I could not get past it. 6509 --> UT --> FW etc... The external NIC was connected to the firewall, the internal NIC to the 6509. Any thoughts? __________________ Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly. Last edited by neiby; 07-14-2009 at 02:27 PM..

07-10-2009, 01:40 PM	#3 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 598	I'll hook it up again and let you know! Hopefully, I'm not making too many people here angry by interrupting their web surfing. :-) __________________ Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly.

07-10-2009, 01:41 PM	#4 (permalink)
WebFooL Join Date: Jan 2009 Location: Sweden (Eskilstuna) URLs submitted: 57 Posts: 2,933	And configure the computer behind untangle with static ip. (or make sure that you get one from the dhcp) __________________ "Of all the things I've lost, I miss my mind the most" Untangle Reseller (Sweden) WebFooL@fakenews.se http://fakenews.se/ Need space to Upload content for you forum post?

07-10-2009, 02:01 PM	#6 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 598	I put it back in place, but then realized that I hadn't permanently enabled the SSH server, so I couldn't access it to do the tests. I'm really rusty on my unix. I seem to recall that I have to add it to some startup script. How do I do that? Thanks! __________________ Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly.

07-10-2009, 02:12 PM	#9 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 598	Ah, it turns out that I had added ssh to the startup using "update-rc.d ssh defaults" yesterday. So, there must be some other problem. When it's sitting here at my desk, as it is now, I'm connecting via SSH through the external NIC. When it's in place in production, I'm connecting through the internal NIC. However, UT was denying me a connection. I wonder why. __________________ Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly.

07-10-2009, 01:37 PM	#2 (permalink)
dmorris Untangle Junkie Join Date: Nov 2006 Location: San Mateo, CA URLs submitted: 10 Posts: 6,694	run through all the normal test: from untangle, can you ping the gateway from untangle, can you ping 4.2.2.1 from untangle, can you ping google.com from untangle, can you browse to google.com from behind untangle, can you ping untangle from behind untangle, can you ping the gateway from behind untangle, can you ping 4.2.2.1 from behind untangle, can you ping google.com from behind untangle, can your browse to google.com

07-10-2009, 02:03 PM	#7 (permalink)
dmorris Untangle Junkie Join Date: Nov 2006 Location: San Mateo, CA URLs submitted: 10 Posts: 6,694	just hookup the mouse and keyboard. i always recommend those anyway

07-10-2009, 02:21 PM	#10 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 598	I just reconnected to UT (at my desk) through the internal NIC via SSH with no problem. I must have done something wrong earlier. I thought I had been getting a connection refused message. I probably did something wrong because I was stressing about it. lol I'll give it another shot in a few minutes and see what's up. __________________ Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly.