Results 1 to 7 of 7
  1. #1
    Untanglit
    Join Date
    Jun 2009
    Location
    Portugal
    Posts
    26

    Default Bypass Rule Help

    Hello Guys!!
    I have the following configuration:

    Cisco 2820 -> Untangle -> Network Switch
    Bridge Mode

    My company makes part of a multinational company that is connected to each other using VPN managed by Cisco Routers.
    So on my network i need a Bypass Rule for all the 10.0.0.0/8 network, all servers on global company directory have one A class IP.

    How can i leave one ip not to be bypassed? My network is a 10.132.1.0/24
    and i need to leave 10.132.1.6 (exchange) out of the bypass rule so mail can be filtered.

    Thanks
    Last edited by m00re; 08-24-2010 at 03:26 PM.

  2. #2
    Untangle Ninja gotkimchi's Avatar
    Join Date
    Jan 2007
    Location
    Bay Area
    Posts
    2,108

    Default

    sorry, unable to follow you. If you are only wanting to filter the SPAM, you could move the Untangle in front of the exchange server. External interface on the Untangle will go to the switch, and the internal interface on the Untangle will go to the exchange. Make sure that the Untangle is in the bridge mode. This way, only the exchange will go through the Untangle and everyone else will go out normally.
    to be understood, you must first understand.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja proactivens's Avatar
    Join Date
    Sep 2008
    Location
    Greensburg, Pa
    Posts
    2,365

    Default

    I think he has clients behind the untangle, correct? He is talking about only bypassing his servers, but I would assume he has clients (pc's) behind untangle as well.

    In any case, thats a tough one. Bypass rules are not like packet filter or firewall rules. Could you multihome the mail server or assign it an aliased address with a different network address and send the mail to the alias?
    www.nexgenappliances.com
    Toll Free: 866-794-8879
    UNTANGLE STAR PARTNER
    Follow us at spiceworks!

  4. #4
    Untanglit
    Join Date
    Jun 2009
    Location
    Portugal
    Posts
    26

    Default

    Sorry Guys if i wasn't clear enough!

    In my network we use the following ip 10.132.1.0/24 this in PT, all the others country where my company exists use some 10.0.0.1 IP, for example Spain uses 10.138.1.0/24, Mexico 10.133.100.0/24 etc etc

    So i need to create a bypass rule that allows me to access all the resources that are out of my country.
    If i do that bypass rule that same bypass includes my Exchange server, so the question is if there's any way to have those bypass rules except on one specific IP (exchange Server) .
    I cant move Untangle in front of exchange because the main goal for having Untangle is the fantastic web filter
    The best of the two worlds was use also spam filter.

  5. #5
    Untangle Ninja gotkimchi's Avatar
    Join Date
    Jan 2007
    Location
    Bay Area
    Posts
    2,108

    Default

    just create multiple rules. You can use comma (,), dash (-), or slash (/) notation. You can not mix and match on the same line.
    to be understood, you must first understand.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com

  6. #6
    Untanglit
    Join Date
    Jun 2009
    Location
    Portugal
    Posts
    26

    Default

    Quote Originally Posted by gotkimchi View Post
    just create multiple rules. You can use comma (,), dash (-), or slash (/) notation. You can not mix and match on the same line.
    Yep!! At first i had created a rule for each service i have outside my organization but each day i get new requests from users saying that "we cant access this, we cant do that" so the best way was to bypass all the subnets.

    I know that they had configured an alias for exchange, if i do a telnet from home to mail.company.com 25 i got answer from my exchange.

    Is there any other work around this?

    Thanks

  7. #7
    Untanglit
    Join Date
    Jun 2009
    Location
    Portugal
    Posts
    26

    Default

    Just found the solution for this
    I had just add a new rule to be active before the one i have

    Check attach

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2