Results 1 to 5 of 5
  1. #1
    Newbie
    Join Date
    Apr 2018
    Posts
    2

    Default Country filtering based on domain name

    I've got a Web server behind my untangle that host 2 Web sites each with a different domain. Site A I want to have it only accessible to clients in the US. As for site B I need that to be accessible to every one.

    I was able to get the country filtering to work but it filters for both is there a way to filter for only one and not the other with out putting the two sites on different external IP's?

    Thanks

  2. #2
    Master Untangler f1assistance's Avatar
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    893

    Default

    I realize this comment not helpful, but my first thought was with tor and vpn, what's the point...I have a boat load of completely UN-knowledgeable clients currently using such and they know not exactly why, it simply sounded more secure, and their hope to somehow shield their questionable surfing habits. D'oh!
    Untangle...because nothing's worse than doing nothing!
    -------
    2, Pentium (R) Dual-Core CPU E5300 @ 2.60GHz 2599.968, 2089.96MB RAM

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,699

    Default

    Quote Originally Posted by blackboxgeeks View Post
    I've got a Web server behind my untangle that host 2 Web sites each with a different domain. Site A I want to have it only accessible to clients in the US. As for site B I need that to be accessible to every one.

    I was able to get the country filtering to work but it filters for both is there a way to filter for only one and not the other with out putting the two sites on different external IP's?

    Thanks
    Yes, but you'll still need different internal IPs for the site. Firewalls work on addresses not domain names. The firewall module works after NAT translation, so you can use destination address, internal address in your block rules. So if you host the two websites on the same server, but give it two internal IP addresses, and make two separate port forward rules. You can use the destination internal directive to make completely different rule sets for both web "servers". The hard part will be configuring the web server to use the appropriate internal addressing.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Newbie
    Join Date
    Apr 2018
    Posts
    2

    Default

    I know that I cant filter in firewall by domain names. Giving each site its own internal IP is not a problem but with that how do you port forward then based on domain names? As far as I can tell its rules are the same as the firewalls in that it can't use domain names.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,699

    Default

    You don't port forward based on domain names, you're right. Sorry that's a dead end. You need a proxy server to "forward" via URL and that's still a singular IP address so the firewall won't work. So you cannot combine these two things without a second public address. Not sure what I was thinking before.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2