Results 1 to 2 of 2
  1. #1
    Untangler
    Join Date
    Jul 2007
    Posts
    57

    Default Multiple Gateways, defining which is used.

    I read the discussion at http://forums.untangle.com/showthread.php?t=73&page=6 that Mr. Morris was involved with and I am hopeful that the feature is coming soon; but, I have a related but different issue that I wonder if anyone else has run into.

    We have a traditional T1 line coming in for various web servers that route through a PIX to our server VLAN on the 192.168.50.x subnet. Our workstations are on the 192.168.3.x subnet. A Cisco Catalyst performs the routing to redirect internet requests to the PIX on the 192.168.2.x subnet. Don't yell at me. I inherited this configuration.

    We recently added cable internet so that internal users could primarily use it for web requests while the servers continued to utilize the netblock on the T1 line. The problem is that I cannot seem to set the Untangle as the default gateway for a variety of reasons, so cable goes unused.

    The Untangle us 192.168.3.243. The standard default gateway is 192.168.3.254. If a user needs to access a server, the request needs to go through 192.168.3.254. All other traffic should go through 192.168.3.243.

    I have tried setting two gateway addresses in DHCP with the Untangle being the higher priority. I then configured the PIX to only allow outbound traffic from the server VLAN. This caused internet to go down for all users even with the new DHCP settings. Ergo, this will not work.

    My solution is to put a proxy server of some sort (probably ISA) on the 192.168.3.x subnet and point it to the Untangle for browser traffic. The better solution would be if I could just enter the Untangle's IP as the proxy address for browsers and SOCKS clients. But this just makes every page come up with the Untangle configuration page.

    Long discussion, but here is the gist.

    Is there any way to configure the Untangle to only proxy requests out to the internet by configuring the browser settings, but not cache the pages? I would prefer to eliminate the use of ISA and rely on the Untangle reports for my needs. I have the licenses through our partnership for ISA, but why should I over complicate the network?

    Has anyone else configured two different internet pathways on their network in a similar manner?

  2. #2
    Untangler
    Join Date
    Jul 2007
    Posts
    57

    Default

    BTW, I know that I can solve the problem with the following statements:

    route delete 0.0.0.0
    route add 192.168.50.0 MASK 255.255.255.0 192.168.3.254 METRIC 1 IF 10
    route add 0.0.0.0 MASK 0.0.0.0 192.168.3.243 METRIC 1 IF 10

    The problem is that the interface is different between computers. Vista has it as IF 10. XP on desktops has it as IF 2. Laptops with wireless have it as IF 3. So I do not know how to extract the appropriate IF to pass it through a logon batch file to modify the tables statically. Doing persistent routes would cause laptops to fail outside of the office.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2