Quarantine Timeout Externally

Lexrst · 07-27-2010, 04:34 PM

OK Here's the setup:

I have Untangle setup in transparent bridge mode with an IP address of 10.0.0.21.

The external interface is connected to a firewall with an address of 10.0.0.250 and internal interface connected to the LAN.

There is only one public IP address available to the firewall with an SSL enabled website sitting on a web server on the internal network. Consequently, I have configured Untangle to listen on port 444 for External access to Quarantine. When I access h_ttps://untangle.domain.com:444/quarantine internally (resolving to 10.0.0.21) it works perfectly.

When I try to access the same URL externally (resolving to a public IP address which is mapped through the firewall - TCP port 444 to 10.0.0.21) I get a connection timeout from the browser.

When I run a ping test from the Untangle server to the firewall's default gateway, it responds normally. Internet access, Spam filtering, etc. are all working fine. I have double checked the 'Public Address' settings in Untangle and tried both the 'Use Hostname' setting and the 'Use manually specified address' setting. Both fail to connect externally. I have also made sure that the External Administration page has the 'Enable External Quaranting Viewing" enabled on port 444.

What the heck am I missing here?

Thanks to all for your assistance,

Leigh Johnson

dwasserman · 07-27-2010, 04:46 PM

Can you post here the forwarding rules of your firewall?

jcoffin · 07-27-2010, 05:50 PM

Does it work by accessing by IP address externally?

h_ttps://<your external IP address>:444/quarantine

dmorris · 07-27-2010, 06:12 PM

Quote:

Originally Posted by Lexrst

When I try to access the same URL externally (resolving to a public IP address which is mapped through the firewall - TCP port 444 to 10.0.0.21) I get a connection timeout from the browser.

When I run a ping test from the Untangle server to the firewall's default gateway, it responds normally. Internet access, Spam filtering, etc. are all working fine. I have double checked the 'Public Address' settings in Untangle and tried both the 'Use Hostname' setting and the 'Use manually specified address' setting. Both fail to connect externally. I have also made sure that the External Administration page has the 'Enable External Quaranting Viewing" enabled on port 444.

Those settings just change the link addr sent in the email - it has no effect if the port is open or not. If you can't connect from the outside I suspect you've got a port forward misconfiguration in your firewall.

welcome to the forums!

Lexrst · 07-27-2010, 09:50 PM

Well it turns out I made a bonehead mistake. Originally, the Untangle server was outside the firewall with its own discreet IP address, but the ISP's Cisco router wouldn't play nice with it, so I had to move it to the inside of the firewall.

Having done so, I should have changed the IP address in the external DNS to match that of the firewall, rather than the address previously assigned to the Untangle box.

Long story short, I had the wrong IP address in my DNS and was assuming it was correct without actually verifying. Big d'oh! on that one. I have now changed it to the correct address and all is well in Untangleland.

Thanks for the prompt suggestions... I appreciate the help.

-Leigh Johnson

07-27-2010, 04:34 PM	#1 (permalink)
Lexrst Newbie Join Date: Mar 2010 Posts: 2	Quarantine Timeout Externally OK Here's the setup: I have Untangle setup in transparent bridge mode with an IP address of 10.0.0.21. The external interface is connected to a firewall with an address of 10.0.0.250 and internal interface connected to the LAN. There is only one public IP address available to the firewall with an SSL enabled website sitting on a web server on the internal network. Consequently, I have configured Untangle to listen on port 444 for External access to Quarantine. When I access h_ttps://untangle.domain.com:444/quarantine internally (resolving to 10.0.0.21) it works perfectly. When I try to access the same URL externally (resolving to a public IP address which is mapped through the firewall - TCP port 444 to 10.0.0.21) I get a connection timeout from the browser. When I run a ping test from the Untangle server to the firewall's default gateway, it responds normally. Internet access, Spam filtering, etc. are all working fine. I have double checked the 'Public Address' settings in Untangle and tried both the 'Use Hostname' setting and the 'Use manually specified address' setting. Both fail to connect externally. I have also made sure that the External Administration page has the 'Enable External Quaranting Viewing" enabled on port 444. What the heck am I missing here? Thanks to all for your assistance, Leigh Johnson

07-27-2010, 04:46 PM	#2 (permalink)
dwasserman Join Date: Jun 2008 Location: Argentina URLs submitted: 29 Posts: 2,165	Can you post here the forwarding rules of your firewall? __________________ The world is divided into 10 kinds of people, who know binary and those not

07-27-2010, 05:50 PM	#3 (permalink)
jcoffin Untangler Join Date: Aug 2008 Location: San Mateo, CA URLs submitted: 1 Posts: 863	Does it work by accessing by IP address externally? h_ttps://<your external IP address>:444/quarantine

07-27-2010, 09:50 PM	#5 (permalink)
Lexrst Newbie Join Date: Mar 2010 Posts: 2	Well it turns out I made a bonehead mistake. Originally, the Untangle server was outside the firewall with its own discreet IP address, but the ISP's Cisco router wouldn't play nice with it, so I had to move it to the inside of the firewall. Having done so, I should have changed the IP address in the external DNS to match that of the firewall, rather than the address previously assigned to the Untangle box. Long story short, I had the wrong IP address in my DNS and was assuming it was correct without actually verifying. Big d'oh! on that one. I have now changed it to the correct address and all is well in Untangleland. Thanks for the prompt suggestions... I appreciate the help. -Leigh Johnson