Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Untanglit
    Join Date
    Dec 2010
    Posts
    15

    Default Issue with external connection

    Hello everyone,

    My boss has asked me to set up an untangle server do some testing to see if it is a product we would like to use. I have been trying to get a connection through the external interface but have been unsuccessful so far.

    Our Setup:

    We have a server running vmWare vSphere 4 and have installed untangle 8.0 x64via the OVf template.

    I have created two vswitches(for internal and external)

    For testing I have the cable running from the external NIC to a smart switch that has a vLan which is connected to our AT&T router in order to use one of our public IPs. In the vLan there three connections; our LAN, AT&T router, and untangle external. This is so we can segregate untangle from our live network. The internal connection will just have one computer on it for testing.


    After deploying the template I ran through the setup and I keep getting a connection fail notification when setting up the external NIC. Just to make sure that everything was setup correctly, I connected my laptop to the port where the external was connected and was able to use the external IP with no problem.

    Could someone (or everyone) shoot me some suggestions on what could be causing the issue? Your help will be greatly appreciated.

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    welcome to the forums jrice.

    I'd guess that the interfaces aren't backwards.
    No ideas other than that.

    Try installing on a physical server first. It is much easier.
    Last edited by dmorris; 12-17-2010 at 04:54 PM. Reason: spelling
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Dec 2010
    Posts
    15

    Default

    I double and triple checked that the interfaces were correct. I even tried switching them.

    As a side note, it says that the the DNS was successful, but TCP failed.

    I will hit it again in the morning and let you know of anything new.

  4. #4
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    that means it could lookup updates.untangle.com successfully but could not connect to port 80.

    you could try dropping to the terminal and just doing 'telnet updates.untangle.com 80'
    if it can't connect, there is probably a misconfig somewhere or something is blocking it.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untanglit
    Join Date
    Dec 2010
    Posts
    15

    Default

    OK, I did a few things so I cannot pinpoint where the issue was. I went ahead and removed the 64 bit version and installed the 32 bit package. I also changed the NIC type to VMXNET 3. Im not sure if that was discussed anywhere on the site, but that seemed to fix the issue. Thankyou dmorris for taking the time to help me with this issue.

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,514

    Default

    That is odd... I haven't been able to get Untangle to run consistently off the e1000 interface. Also, Untangle can't work with VLAN tags, it will strip them.

    Finally, the virtual switch may have to have promiscuous mode allowed on both sides of the Untangle for VMWare to get out of the way.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untanglit
    Join Date
    Dec 2010
    Posts
    15

    Default

    So I need to plug Untangle into its own switch?

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,514

    Default

    Not necessarily...

    For Untangle to really work within ESXi you need at least 3 interfaces in the ESXi server.

    1 is connected to the a virtual switch that will have public addressing on it
    2 is connected to the lan
    3 is connected to the lan for management

    If you try and share the management interface on an adapter used for VM traffic, things will get weird and slow. This is a limitation of VMWare, and the nature of the resource sharing.

    So Internet comes off of whatever you get it from to a switch, the VMWare server's outside interface is attached there. The second and third interfaces go to your core switches wherever they need to be. Untangle is a normal router installation with external attached to the virtual switch that is attached to the interface that goes to the internet, and the internal interface on Untangle is attached to the virtual switch that goes to the LAN / other VMs.

    If you're getting confused by reading that mess.. you're not alone, I know what I'm trying to explain and this stuff turns into gibberish really quickly. I run Untangle in ESXi all the time... so I've sort of gotten used to it.

    Another tip to keep in mind... when you configure the VM for Untangle, make sure it has two interfaces up front. However, only configure the EXTERNAL interfaces to autoconnect on boot for the first boot. That will ensure you can see in the Untangle software which interface is what, because external will need to be assigned to the interface that is lit up. Otherwise, it's frighteningly easy to get Untangle wired in the wrong way.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #9
    Untanglit
    Join Date
    Dec 2010
    Posts
    15

    Default

    I understand what you are saying. On my ESX host, I have the service console(I think that is what you are reffering to) on a seperate vSwitch. And two other vSwithced for external and internal.

    I now have the external working fine, and I am working on the internal peice. This may not pertain to the above thread so if I need to create another let me know.

    I am guessing that since I am only going to have one computer connected directly to the Untagle server for testing, I need to setup the server as a router. I did this and DHCP is not working. I assumed that all I had to do was give the internal NIC some ip (say 192.168.2.1/24) and have DHCP dole out Ips in that range. For some reason this is not working for me.

  10. #10
    Untangle Ninja mrunkel's Avatar
    Join Date
    Jul 2008
    Posts
    3,022

    Default

    Quote Originally Posted by jrice View Post
    I am guessing that since I am only going to have one computer connected directly to the Untagle server for testing, I need to setup the server as a router. I did this and DHCP is not working. I assumed that all I had to do was give the internal NIC some ip (say 192.168.2.1/24) and have DHCP dole out Ips in that range. For some reason this is not working for me.
    You'll need to enable promiscuous mode on the internal vSwitch.
    m.
    <BR>
    Big Frickin Disclaimer:
    While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions.
    <BR>It often helps troubleshooting if you have a good network map. Look <A HREF="http://forums.untangle.com/tip-day/5407-how-draw-network-diagram.html">here</A> if you want my advice on how to draw one. <BR> <B>Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com<B>

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2