New UT install, need help, internal network does not work

SMocek · 07-03-2009, 10:20 AM

Greetings all, I had my Cisco PIX die this morning, and I had been thinking about an UT install anyway. So far, I can browse the Internet from the UT machine, but none of the work stations or servers can see the Internet. They can see each other, but not the UT machine. Before I start, I have searched forums and wiki and am still lost.

Setup - Netopia modem in bridge mode, 5 static ips. UT machine does the PPPoe log in.

External - wasn't sure what to Alias IPs, but I do have my XXX.XXX.XXX.XXX/29 subnet in there.

Internal interface I have as static, Primary IP address is the UT machine, 192.168.1.254/32

No IP address alias's

NAT policies for two internal servers as xxx.xxx.xxx.xxx/32 and point to an external source address

Port forwards are standard for email and web, although those aren't working either, since the machines can's see the net.

hostname edge.xxxxx.local

No DHCP or DNS as that is done on the server.

Luckily no one is in today except me, but I need to get this fixed. Untangle is not answering there phones today, probably because of the holiday.

Is there someone out there that can help? Thanks!

Stan M

neiby · 07-03-2009, 01:05 PM

I'm brand new to UT and I don't know too much about it. Are you doing the NAT on UT or on the Netopia box? If you're doing that on the modem, is UT in bridge mode or routed mode?

I'm guessing that you're doing NAT on UT (which I haven't run across yet) and it's in routed mode. Is that correct?

neiby · 07-03-2009, 01:08 PM

Wait.... Ignore my last question. I have a new one. Why do you have a /32 mask on your internal interface? Change that to the actual netmask and see if that helps.

castries · 07-03-2009, 03:16 PM

Do u have the racks installed where you see all the apps? eg webfilter, firewall,

SMocek · 07-03-2009, 03:33 PM

Quote:

Originally Posted by neiby

Wait.... Ignore my last question. I have a new one. Why do you have a /32 mask on your internal interface? Change that to the actual netmask and see if that helps.

Sorry to be so late getting back - yes I have changed that. Right now it appears that one of the network cards, even though it's status was "connected", it wasn't passing any traffic.

SMocek · 07-03-2009, 03:34 PM

Quote:

Originally Posted by castries

Do u have the racks installed where you see all the apps? eg webfilter, firewall,

Actually, I took everything out except for the firewall.

raditude · 07-03-2009, 08:54 PM

Your internal LAN segment needs to be on the same subnet as your actual LAN, so if you are running say 192.168.0.0/24 on all internal machines then your internal IP should be sometihng like 192.168.0.x/24. By setting it at 32 it is not in the same subnet as your LAN and will not talk to it at all.

You add your external IP's to be aliased under the External Interfaces tab. Once those are there, then you can use NAT to send your servers traffic out via those, as well as setup the port forwards you noted.

For the firewall do you have the default set for pass or block? If it is block then you need to make sure you have rules in there to allow traffic to pass. If you have the default as pass, for now nothing else would be needed to get it working.

Your NIC card probably has nothing wrong with it, if you truely had /32 in your LAN IP address, different subnet means no communication.

neiby · 07-05-2009, 11:51 PM

Smocek, let us know if you were able to get this working. I'd be interested to find out what the solution was.

07-03-2009, 10:20 AM	#1 (permalink)
SMocek Newbie Join Date: May 2009 Posts: 3	New UT install, need help, internal network does not work Greetings all, I had my Cisco PIX die this morning, and I had been thinking about an UT install anyway. So far, I can browse the Internet from the UT machine, but none of the work stations or servers can see the Internet. They can see each other, but not the UT machine. Before I start, I have searched forums and wiki and am still lost. Setup - Netopia modem in bridge mode, 5 static ips. UT machine does the PPPoe log in. External - wasn't sure what to Alias IPs, but I do have my XXX.XXX.XXX.XXX/29 subnet in there. Internal interface I have as static, Primary IP address is the UT machine, 192.168.1.254/32 No IP address alias's NAT policies for two internal servers as xxx.xxx.xxx.xxx/32 and point to an external source address Port forwards are standard for email and web, although those aren't working either, since the machines can's see the net. hostname edge.xxxxx.local No DHCP or DNS as that is done on the server. Luckily no one is in today except me, but I need to get this fixed. Untangle is not answering there phones today, probably because of the holiday. Is there someone out there that can help? Thanks! Stan M

07-03-2009, 08:54 PM	#7 (permalink)
raditude Master Untangler Join Date: Jan 2009 Location: Eugene, OR Posts: 579	Your internal LAN segment needs to be on the same subnet as your actual LAN, so if you are running say 192.168.0.0/24 on all internal machines then your internal IP should be sometihng like 192.168.0.x/24. By setting it at 32 it is not in the same subnet as your LAN and will not talk to it at all. You add your external IP's to be aliased under the External Interfaces tab. Once those are there, then you can use NAT to send your servers traffic out via those, as well as setup the port forwards you noted. For the firewall do you have the default set for pass or block? If it is block then you need to make sure you have rules in there to allow traffic to pass. If you have the default as pass, for now nothing else would be needed to get it working. Your NIC card probably has nothing wrong with it, if you truely had /32 in your LAN IP address, different subnet means no communication. Last edited by raditude; 07-03-2009 at 08:58 PM.. Reason: Added alias info/firewall & NIC

07-03-2009, 01:05 PM	#2 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 481	I'm brand new to UT and I don't know too much about it. Are you doing the NAT on UT or on the Netopia box? If you're doing that on the modem, is UT in bridge mode or routed mode? I'm guessing that you're doing NAT on UT (which I haven't run across yet) and it's in routed mode. Is that correct?

07-03-2009, 01:08 PM	#3 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 481	Wait.... Ignore my last question. I have a new one. Why do you have a /32 mask on your internal interface? Change that to the actual netmask and see if that helps.

07-03-2009, 03:16 PM	#4 (permalink)
castries Untanglit Join Date: Mar 2009 Location: Toronto, Ontario Posts: 13	Do u have the racks installed where you see all the apps? eg webfilter, firewall,

07-05-2009, 11:51 PM	#8 (permalink)
neiby Master Untangler Join Date: Jun 2009 Location: Westminster, CO Posts: 481	Smocek, let us know if you were able to get this working. I'd be interested to find out what the solution was.