Added 2 NICs to server for new internal and new public subnet

[dcantrell]

I've had a simple Untangle setup working for almost 2 years. External goes to the Internet, while Internal handles the 192.168.0.x network. It's been working great, and I couldn't be happier! However, I'm running out of space on the single subnet.

I just added a dual NIC to the server, which created DMZ (eth2) and eth3. I want one new port to be for a second internal network -- 192.168.1.x -- while the other port will be for public (wired/wireless) use -- 192.168.102.x. Right now, DHCP is not an issue.
I want the 192.168.1.x network to see/browse the old 192.168.0.x, and vice versa. The 192.168.102.x network should only get to the Internet and be partially filtered.

How to I configure all of this?

[sky-knight]

Welcome to the untangle forums.

A good portion of your questions can be answered here: http://wiki.untangle.com/index.php/I...my_Untangle.3F

However, I caution you that browsing network resources will never work the way you are imagining. Window's network browser works via the concept of a network broadcast, and the entire reason to have separate networks is to isolate broadcast traffic. This means you need a DNS service, and name space to connect to resources. If you don't have DNS active, then you'll be stuck using IP addresses. If you have Active Directory in place, it deals with some of this for you, assuming the DNS used to support AD is configured properly.

[dcantrell]

Thanks for the quick reply!

I was going to address the DNS/DHCP later. What I've found is that:
1) clients connected to the DMZ (eth2) can ping Internal
2) Internal clients cannot ping DMZ clients
3) DMZ clients cannot ping to the Internet

[sky-knight]

The rack only processes TCP and UDP traffic, all other protocols are bypassed. This means if you want to adjust ICMP or any other protocols, you must use the packet filter.

config -> networking -> advanced -> packet filter.