#1
Newbie
Join Date: Jul 2009
Posts: 3
I'm getting ready to install UT, and was wondering if this config would work. Could I simply mirror the port (48>47) my Cisco ASA 5510 is connected to on my HP 3400cl switch and connect the mirrored port (47) to the UT box? I'm not sure if this is what the "Re-Router" version accomplishes. Should I use the Windows version, or the Linux ISO for this?
I don't want to put the UT box between the ASA and the switch, and was hoping this would be an option. I'm only looking to generate reports of users' internet usage. Not interested in any firewall features, since I'm happy with my ASA. I'm planning on installing UT on a Dell Optiplex 745 with a Core 2 Duo CPU, 2GB of RAM, onboard video, 2 Intel PCI Gigabit NICs, and an onboard Broadcom Gigabit NIC (if needed). Do I even need multiple NICs for this config? I figure it would only need the one line in to sniff all network traffic going in/out through the ASA. Your knowledge and insight on the subject are greatly appreciated. Thanks in advance.
#2
Join Date: Apr 2008
Location: Phoenix, AZ
URLs submitted: 7
Posts: 7,722
No, port mirroring doesn't work.
We get this question oddly frequently... UT needs to be inline, meaning the traffic must naturally traverse it to be filtered. Either router or bridge doesn't matter. With the ASA the only way I've been able to get it to work is router mode, two new segments off the ASA, and some source routes to move selected traffic to the UT router and out again.
__________________
Intouch Technology Rob Sandling, BS:SWE, MCP Office: 480-272-9889 rob@intouchtechllc.com
#3
Newbie
Join Date: Jul 2009
Posts: 3
Hmmm....Don't know if I'll be able to set it up then. 2 new segments off the ASA? Meaning 2 ports from the ASA to the UT box? All my ports on the ASA are used up right now. I have a redundant ISP connection, so that's 2 ports. Then I have one port going to the switch, and the last port going to a wireless router that provides internet access on a separate subnet. So I guess I'm out of luck? Someone please tell me there's a way. Thanks.
#4
Hi,
Put the Untangle in bridge mode.
Your setup today: ASA -> Switch.
With Untangle: ASA -> Untangle (Internal Bridge to External) -> switch.
[Attachment: network2.jpg]
__________________
"Of all the things I've lost, I miss my mind the most" Video Showing 7.1 Alpha: http://fakenews.se/ut/
Last edited by WebFooL; 07-07-2009 at 03:08 AM.
#7
Join Date: Apr 2008
Location: Phoenix, AZ
URLs submitted: 7
Posts: 7,722
That assumes a few things... the largest issue with the "simple" approach is VLANs. If you do any VLAN work or trunking to that LAN port on your ASA, Untangle will hose your network.
If you aren't and that interface is a basic IP only thing on a simple network segment... yeah plug and go!
__________________
Intouch Technology Rob Sandling, BS:SWE, MCP Office: 480-272-9889 rob@intouchtechllc.com