[Request] - Offline Client

**Xhen** · 09-17-2013, 12:34 AM

Hi All:
I have been used several years the complete version of Untangle, and the solution is great, but I have think about the idea when computers are disconnected from the company.
I have users that travel to Asia long period of times and when they come back with the computer sometimes the computers are full of garbage.

maybe someone have thought about the idea of a small client installed in the computer which control the internet access in a remote computer based in the last synchronization when the computer was connect to the office, this way with the client the remote user will have same policy about web protection like he was working in the office.

I don't know if it is possible with this architecture or not but I think this will be a great improvement...

Some Client option:
synchronize the untangle list and policy
password protection to avoid uninstall.

**sky-knight** · 09-17-2013, 07:52 AM

The names escape me at the moment, but Server 2012 and Windows 8 solve this problem naturally.

Also, it's now possible with Untangle to perform full tunnel with OpenVPN soft clients. If you combine that configuration, with the service mode of the OpenVPN client it's possible to have the device VPN to your Untangle server permanently. Once connected, due to the full tunnel nature of the connection, all traffic goes through the tunnel to be filtered.

I'm not entirely sure how that will play with the great firewall of China.

But the only way you can really solve this is with a heavily managed firewall on the client itself. It prevents all but the most basic connectivity unless the VPN is up.

**Xhen** · 09-18-2013, 02:30 AM

thanks for the info but I was talking something more easy not to use with VPN, off-line client.

**hlarsen** · 09-18-2013, 08:43 AM

sorry, i highly doubt that's going to happen.

**sky-knight** · 09-18-2013, 07:08 PM

Originally Posted by Xhen

thanks for the info but I was talking something more easy not to use with VPN, off-line client.

So magic?

**pirateghost** · 09-18-2013, 08:24 PM

Originally Posted by sky-knight

So magic?

that other guy (the one we shall not name) does this....but only because they already had a desktop client....

**sky-knight** · 09-18-2013, 09:22 PM

I "think" Windows 8 is supposed to have a VPN of sorts that allows it to phone home to a 2012 domain. It's part of the "cloud" thing. But the documentation is sparse, and reeks of sales pitch.

Still, it's hard to beat MS's PPTP service for this sort of thing. Fire that thing up, you can basically doubleclick configure anything to hit it, and you're off to the races.

The other "clientless" VPN's I've seen are little more than HTTPs web file browsers. There are certainly plenty of those out there. Ajaxexplorer?

But if you want to control Internet traffic coming from a traveling corporate piece of equipment, your only choice is a client firewall that's centrally configured, or a full tunnel always on VPN.

**pirateghost** · 09-18-2013, 09:42 PM

Originally Posted by sky-knight

I "think" Windows 8 is supposed to have a VPN of sorts that allows it to phone home to a 2012 domain. It's part of the "cloud" thing. But the documentation is sparse, and reeks of sales pitch.

Still, it's hard to beat MS's PPTP service for this sort of thing. Fire that thing up, you can basically doubleclick configure anything to hit it, and you're off to the races.

The other "clientless" VPN's I've seen are little more than HTTPs web file browsers. There are certainly plenty of those out there. Ajaxexplorer?

But if you want to control Internet traffic coming from a traveling corporate piece of equipment, your only choice is a client firewall that's centrally configured, or a full tunnel always on VPN.

i was referring to another UTM that shall remain nameless.....if you havent seen it recently, they integrated their UTM in with their desktop client to make the proxy/filter profiles travel with the client, without requiring a connection to the mother ship 24/7....

but the difference there is that they already had their desktop client out on the market for years...so it wasnt that difficult to add in i am sure...

**sky-knight** · 09-18-2013, 11:11 PM

I highly doubt the database went with it, but I could see it using zVelo's tech directly as it's just a DNS query.

Handy!

But if that's all you want, why not just use OpenDNS? There's a few AD tricks to override DNS server settings, even when mobile...

This does give me a crazy idea I need to test.

Thread: [Request] - Offline Client

LinkBack

Thread Tools

[Request] - Offline Client

Tags for this Thread

Posting Permissions