Page 3 of 6 FirstFirst 12345 ... LastLast
Results 21 to 30 of 58
  1. #21
    Master Untangler HomeNet's Avatar
    Join Date
    Sep 2007
    Location
    Pennsylvania, USA
    Posts
    193

    Default

    Quote Originally Posted by raditude View Post
    OK, what about the NAT issue, you are pushing 192.168.1.3/32 back out whatever external IP you are brining it in on? If you dont have your NAT policy in place it will send it back out the 1st IP you entered, and thus no love on completing the communication.
    You lost me on that one.... Say all that again?

  2. #22
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    OK under Config>Networking>Interfaces choose Internal, then you will want/need something like the attached.
    Attachment 2346

  3. #23
    Master Untangler HomeNet's Avatar
    Join Date
    Sep 2007
    Location
    Pennsylvania, USA
    Posts
    193

    Default

    Quote Originally Posted by raditude View Post
    OK under Config>Networking>Interfaces choose Internal, then you will want/need something like the attached.
    Attachment 2346
    Sorry about that...

    Mine is...well, uneventful.... See my screen-shot.

    Note that I've never been on this part of the config before so I'm curious if this is new or not. This is version 7.1.1 and I've been using UT since version 5.0, at least! And, again, this used to work just fine - for years...
    Last edited by HomeNet; 03-16-2010 at 12:31 PM. Reason: Forgot screen-shot

  4. #24
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    Dont see a screenshot, so not sure what yours says? This is not new, and the problem if you dont put the NAT entries in place (in router mode), is that all traffic from internal will go out whatever is the 1st address listed under Config>Networking>Interfaces>External, and if you have multiple IP's, and traffic coming in via an alias, but going back out the default, there is no way for it to work correctly.

  5. #25
    Master Untangler HomeNet's Avatar
    Join Date
    Sep 2007
    Location
    Pennsylvania, USA
    Posts
    193

    Default

    Quote Originally Posted by raditude View Post
    Dont see a screenshot, so not sure what yours says? This is not new, and the problem if you dont put the NAT entries in place (in router mode), is that all traffic from internal will go out whatever is the 1st address listed under Config>Networking>Interfaces>External, and if you have multiple IP's, and traffic coming in via an alias, but going back out the default, there is no way for it to work correctly.
    OK, I forgot the screen-shot. I'm, having a banner day today!!

    Well, like I said, it has worked for years... We only use the alias' so we can give internal servers "public IPs" in order for us and other vendors to have remote access to them.

  6. #26
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    Good rule of thumb anytime you have multiple IP's (external), is to remove the 0.0.0.0/0 auto rule and add (if nothing more) 192.168.1.0/24 your primary external IP.

    Now as to why it has worked in the past, who knows, in theory it should never have worked, as when someone tries to connect to IP .197, and gets a reply from .193, if they accept it, there is no security there, because there is nothing that ties the 2 IP's together.

    As well as the only IP you can connect to the external admin for UT is the primary IP (this might be changeable in the GUI, but not by default).

  7. #27
    Master Untangler HomeNet's Avatar
    Join Date
    Sep 2007
    Location
    Pennsylvania, USA
    Posts
    193

    Default Solved

    Quote Originally Posted by raditude View Post
    Good rule of thumb anytime you have multiple IP's (external), is to remove the 0.0.0.0/0 auto rule and add (if nothing more) 192.168.1.0/24 your primary external IP.

    Now as to why it has worked in the past, who knows, in theory it should never have worked, as when someone tries to connect to IP .197, and gets a reply from .193, if they accept it, there is no security there, because there is nothing that ties the 2 IP's together.

    As well as the only IP you can connect to the external admin for UT is the primary IP (this might be changeable in the GUI, but not by default).
    YOU ARE THE MAN!!!

    Like I said, I'd never been in that part of the config but, obviously, it's important! I'm curious if they were auto-filled in earlier versions and then, after several years worth of updates, they bombed out.... I don't know but it doesn't matter either....it works! I can ping, RDP, use the remopte admin page, et cetera.

    Once again, thank you!

  8. #28
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    Glad it is now working!

  9. #29
    Master Untangler HomeNet's Avatar
    Join Date
    Sep 2007
    Location
    Pennsylvania, USA
    Posts
    193

    Default

    Is there a way to mark this as solved?

  10. #30
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    Only way I know of is if you can go back and edit your 1st post and add to the title (under advanced reply) that it is solved, and then just put in bold words at the top of the first post that this was resolved. UT will leave this active for a bit though so others searching with similar issues might be able to fix their installs.

Page 3 of 6 FirstFirst 12345 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2