    Default Initial Impressions & Feedback (note: 'prosumer usage')

    Wanted to post some quick feedback and first impressions of the Untangle Gateway.

    First off, I'm probably not the target market - I'm more of a "prosumer" and not a reseller or firewall expert. My current firewall setup is either m0n0wall or the Linksys RV082 box. My primary needs are a solid firewall with VPN capability and traffic shaping / QoS. I decided to give Untangle a shot after I heard good things from friends regarding the anti-virus and web content filtering.

    So here's my take for what it's worth:

    Overall Impressions
    Very impressive overall and I think this holds great promise to move to a broader (perhaps "downstream") audience - not just SMB network admins or resellers. There are a few things in my case which were show stoppers (like no PPTP VPN) and it was too difficult to figure out what hardware works and where I could get it quickly (e.g. Amazon or Newegg). I'm hoping some of the kinks will be worked out and a PPTP server added so I can get rid of my existing firewall and use this for everything. Right now I'm using it as a bridge behind my firewall for the anti-virus and web filtering capabilities.

    Firewall off by default
    This was a bit surprising to me that the firewall is off by default. It would be nice to just make that standard ON for everyone, block all traffic by default, but allow outbound from LAN, etc. (similar to m0n0wall default rules).

    PPTP VPN Server
    I don't want to have to install specialized VPN software and just want to use the VPN software built into Windows. I know PPTP isn't the most secure protocol in the world, but ease of use trumps in my case. Hoping this will be added in the future (again, like m0n0wall and the Linksys RV series).

    Default Firewall Logging
    There is no way to "block on by default" and log the blocked traffic. Hoping this will be added as an option. I tried to turn off the blocking of all traffic and add a block rule that would log, but had no success. Not sure why (but didn't spend time debugging either).

    Virus Blocker Blocks Resumed Downloads
    I was going absolutely mad trying to figure out why my Apple TV suddenly stopped streaming content (like trailers) until I found the posts mentioning that you have to turn off the disabling of HTTP resume. This should not be checked by default as it causes headaches for folks who use streaming protocols like those from Apple.

    Open / Detectable Ports
    I'd ideally like all ports that I don't need to be non-detectable from the outside (tested via ShieldsUP). The only way I could figure out how to turn off ports (like SSH and HTTPS) was to use the Advanced filters setting. Hoping that this could be made simpler.

    Random Interrupted/Corrupted Downloads
    There seem to be cases where downloads are interrupted or corrupted - but I haven't been able to pin down what's causing it (I already turned off the "block HTTP resumes" option). The one case I remember specifically was where my Sonos Desktop software was trying to upgrade and continually failed until I removed Untangle. Again, not sure why, but it's disconcerting.

    Other than the items above, I'm extremely impressed with Untangle and hope the company does very well. I'd love to see the UI move downstream towards the prosumer segment and some more options around standardized / appliance hardware.
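    Added example, not part of the original post and not Untangle's own configuration: an nftables ruleset in the spirit of the m0n0wall defaults asked for above (firewall on, default deny, LAN allowed out, blocked traffic logged) that also keeps SSH and HTTPS off the WAN side so an outside scan gets no answer. Interface names and the LAN subnet are assumptions and can be overridden through the environment.

```shell
#!/bin/sh
# Added example (assumed interface names, constructed LAN subnet).
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

# Emit the ruleset: both filtering chains default to drop, established
# traffic returns, LAN hosts may go out, and every drop is logged first.
gen_ruleset() {
    cat <<EOF
flush ruleset
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iif lo accept
        ct state established,related accept
        ct state invalid drop
        # management (SSH, HTTPS admin) only from the LAN; never on $WAN_IF
        iifname "$LAN_IF" ip saddr $LAN_NET tcp dport { 22, 443 } accept
        iifname "$LAN_IF" icmp type echo-request accept
        # everything else: log (rate limited), then dropped by chain policy
        limit rate 10/second log prefix "fw-input-drop: " level info
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        # LAN -> WAN outbound is the only thing allowed through by default
        iifname "$LAN_IF" oifname "$WAN_IF" ip saddr $LAN_NET accept
        limit rate 10/second log prefix "fw-forward-drop: " level info
    }
    chain output {
        type filter hook output priority 0; policy accept;
    }
}
EOF
}

# Sanity check before loading: drop policy on input and forward, and drops
# are logged. Returns 0 on success.
ruleset_is_default_deny() {
    rs="$(gen_ruleset)"
    printf '%s\n' "$rs" | grep -q 'hook input priority 0; policy drop;' &&
    printf '%s\n' "$rs" | grep -q 'hook forward priority 0; policy drop;' &&
    printf '%s\n' "$rs" | grep -q 'log prefix "fw-forward-drop: "'
}

# Number of rules that would open 22 or 443 on the WAN interface (expect 0).
wan_admin_exposures() {
    gen_ruleset | grep -cE "iifname \"$WAN_IF\".*dport.*(22|443)" || true
}

# Usage: gen_ruleset > /tmp/fw.nft && nft -c -f /tmp/fw.nft && nft -f /tmp/fw.nft
```

Because the policy is drop rather than reject, a scanner on the WAN side sees no response at all for 22 and 443, which is the "non-detectable" result the post is after; the log prefixes make the blocked traffic visible in the kernel log without opening anything.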


    The entire point of a UTM is to build a more intelligent way to firewall a network. With that objective in mind, the firewall module is basically considered deprecated. Not that I mean that directly, the firewall has its use. But the entire point is to get past the port and IP level defenses and use something more intelligent. So really you're only supposed to rely on the firewall as a last ditch effort.

    Random Interrupted/Corrupted Downloads is a performance issue. That issue could be linked to your network interfaces, a lack of RAM, or a lack of CPU for your internet's usage level and speed. This issue bubbles back into the difficulty of finding compatible hardware... I'm with you on this one as that is the single largest pain point for me.

    Now, as for the AV blocker killing resumes... this is done by default because it is impossible to scan a partial file. UT cannot tell when you start and stop a file, nor can it afford to store all the partial files that may be completed later. So if you enable this functionality you do so with the understanding that you have effectively disabled the AV module.

    Apple is a big annoyance for that issue above as you have discovered. This would be easily solved if the Apple consumer base would get off their arses and yell at Mr. Jobs to get a clue and allow apple devices to use the flash player like everyone else.

    There are members of this community who are system builders and have taken it on themselves to build working units. They are offloading the difficulty of testing the equipment for you. So if you don't want to grow it yourself, you're welcome to purchase one of these UT designed units. Untangle itself is a software company, and they have stated they don't want to get into hardware. That leaves us in the channel the problem of nailing down the hardware compatibility issue.

    As for the open ports....

    Remote admin is enabled by default and this necessitates opening TCP port 443. If you want to disable that functionality, which is incorporated by design, that adjustment is an "advanced" configuration and easily corrected with a packet filter rule.

    However, I agree totally with the SSH port... why that thing shows as closed on external is entirely beyond me. It is simply unwise to show that port in existence at all by default. SSH is itself an advanced thing and should require advanced mode manipulation to ENABLE the thing... not shut it down.
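    Added example, not part of either post and not Untangle's code: it shows in a few lines why the reply above says a partial file cannot be scanned, and why the original poster's Apple TV broke once resumes were blocked. A constructed file carries a made-up signature string; fetching it as two HTTP Range slices (206 Partial Content) and scanning each slice on its own misses the signature, while the full 200 OK body, or the slices reassembled in order, is caught. The signature string, file layout and split point are all constructed for the demo.

```shell
#!/bin/sh
# Added example. SIG stands in for a real AV signature; it is not one.
SIG='CONSTRUCTED-TEST-SIGNATURE-NOT-REAL-MALWARE'
WORK="${TMPDIR:-/tmp}/resume-demo.$$"

# Constructed payload: 40 bytes of filler, the 43-byte signature, 40 more
# bytes of filler (123 bytes total). Prints the file path.
make_payload() {
    mkdir -p "$WORK"
    { printf '%040d' 0; printf '%s' "$SIG"; printf '%040d' 0; } > "$WORK/full.bin"
    printf '%s' "$WORK/full.bin"
}

# Minimal scanner: prints 1 if the signature is present in the file, else 0.
scan_file() {
    if grep -q -F "$SIG" "$1"; then echo 1; else echo 0; fi
}

# Simulates what a 206 reply to "Range: bytes=<first>-<last>" carries:
# just that slice of the file. Prints the slice's path.
fetch_range() {
    f=$1; start=$2; end=$3
    out="$WORK/part-$start-$end.bin"
    dd if="$f" bs=1 skip="$start" count=$((end - start + 1)) 2>/dev/null > "$out"
    printf '%s' "$out"
}

# Resumed download: two ranges split at byte 60, which lands inside the
# signature (bytes 40..82). Each slice is scanned the way an in-line proxy
# would see it when resumes are allowed. Prints "<hit1>+<hit2>".
scan_resumed_download() {
    f=$(make_payload)
    p1=$(fetch_range "$f" 0 59)
    p2=$(fetch_range "$f" 60 122)
    printf '%s+%s' "$(scan_file "$p1")" "$(scan_file "$p2")"
}

# Resumes blocked: the client is forced to start at byte 0 and the proxy
# sees one complete 200 OK body.
scan_full_download() {
    f=$(make_payload)
    scan_file "$f"
}

# The only other way to catch it is to keep every slice per client and
# stitch them back together, which is the storage and tracking cost the
# reply above says the appliance cannot afford.
scan_reassembled() {
    f=$(make_payload)
    cat "$(fetch_range "$f" 0 59)" "$(fetch_range "$f" 60 122)" > "$WORK/joined.bin"
    scan_file "$WORK/joined.bin"
}

cleanup() { rm -rf "$WORK"; }

# Usage: scan_resumed_download; echo; scan_full_download; scan_reassembled; cleanup
```

The same forced restart is what breaks a client that relies on Range requests to seek within a stream: it asks for bytes=N- and gets the whole file from byte 0 instead, so allowing resumes and keeping the scanner are a direct trade-off rather than a setting that can simply be flipped.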

    Random Interrupted/Corrupted Downloads is a performance issue. That issue could be linked to your network interfaces, a lack of RAM, or a lack of CPU for your internet's usage level and speed. This issue bubbles back into the difficulty of finding compatible hardware...
    I tried to build a pretty fast system. I'm running a dedicated Shuttle KPC with a dual-core processor (at 2.2 GHz), 2GB of RAM and the recommended Intel Pro/1000 GT. I was hoping that's more than enough power for 5 home users, but perhaps not.

    Anyway... love Untangle, can't wait to see the updates!

