Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Untanglit
    Join Date
    Oct 2018
    Location
    Upstate NY.
    Posts
    24

    Default Thinking of making the switch.

    Hi all, first post.
    I've used Untangle in the past(about 6 years ago), in a Christian school environment, but I set it up wrong, and really screwed the pooch. However I really liked it for its ease of use. When I set up my home network, I decided to go with PFSense. I like it, but have been experiencing problems, and would like to simplify things again.
    Currently my home is setup like this.

    internet-modem-spectrum router

    pfsense which handles dns, dhcp, vlan control, web filtering(including ad blocking at the dns level). Also openvpn.

    vlan switch

    lan where the unifi controller resides on a ubuntu box, as well as a syslog server for pfsense and some of my hardwired machines. The unifi handles all of my wap needs through two ap's, which has three separate wifi vlans.

    vlan10-wifi Normal, filtered wifi.

    vlan20-guest wifi goes straight to the internet. I don't care what the kids look at, and its bandwidth controlled through unifi. unifi also blocks access to 192.168.0. However I do have rules that block access to the lan and other vlans.

    vlan40-internet of things wifi. TV's, amazon echo's fire tv's, etc. Normal. filtered wifi.

    vlan50-security cameras. No internet access, intranet only from wifi and lan. I openvpn to view when I need to.

    Again, thinking of making the switch to ease things up, and make my wife like my network again(currently she has her own internet, seriously.)
    I've been monkeying around with the untangle demo, and I really like what I see. It really looks like untangle has matured in the years I've been away.
    Ideas?

  2. #2
    Master Untangler
    Join Date
    Mar 2017
    Posts
    182

    Default

    Quote Originally Posted by mtarbox View Post
    .... and make my wife like my network again(currently she has her own internet, seriously.)
    Go really slooooooow with SSL Inspector then. Make sure she gets it you're not breaking mobile apps nor spying. Joking. Sort of.

    Ideas?
    Reading your post, you could do all that with UT. I personally don't love external syslog servers at home, it's just cpu/mem/network waste, imho. I prefer to maximize the internal storage of the UT box. The only idea I have is you really should set a testing box up and try it.
    Happily untangling the average household: 20-25 active devices, 13 racks, each with 3 - 8 apps, OpenVPN 1 in, IPSec 1 road-warrior, TunnelVPN 3 out, IPS on. Spice it up with VLANs and mix with tons of rules.

  3. #3
    Untanglit
    Join Date
    Oct 2018
    Location
    Upstate NY.
    Posts
    24

    Default

    Well, I pulled the trigger, made a backup of my pfsense configuration, and installed untangle. My only goof so far was not assigning dhcp on the vlans and the devices not getting addressed. Once I figured that out everything connected like it should. Even the kids that were over had no issues with the guest network. I do miss pfblockerng tremendously though. I see ads on the system. However I can always install pihole on the Ubuntu box and block ads that way.
    Iím surprised at little resources it uses. 15-20% ram and less than 5% cpu. With that in mind Iím sure it is cool, but I also miss seeing my temperatures on the board and cores.
    As for syslog, I did that as one of the fixes for my pfsense system as it was generating logs left and right, and in order to figure out what the issue was, I needed to collect them off of the machine so I can review them. Especially in light of me taking the pfsense box down to install untangle.
    I will figure out ssl inspector today and report back with my progress. It also helps that my wife fried her laptop, so until that returns from warranty work she can only connect on one of The desktops which is hardwired. Nothing like trial by fire!
    Last edited by mtarbox; 10-08-2018 at 05:54 AM.

  4. #4
    Master Untangler
    Join Date
    Feb 2016
    Location
    Michigan
    Posts
    658

    Default

    Besides the Ad Blocker app, there is at least one Web Filter category for blocking ads (Online Ads). I don't know whether it's effective or not because I use the Ad Blocker app for granularity purposes (I like the option to support sites). But it seems in general that Untangle users prefer to use Web Filter over Ad Blocker to block ads. For what it's worth.

  5. #5
    Untanglit
    Join Date
    Oct 2018
    Location
    Upstate NY.
    Posts
    24

    Default

    @Sam Graf, perfect. That was exactly what I was looking for, but I was looking for “ads”. I clicked that and a majority of the ads disappeared.
    So my thanks to you and to docfuz for replying so far.

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,298

    Default

    Quote Originally Posted by Sam Graf View Post
    Besides the Ad Blocker app, there is at least one Web Filter category for blocking ads (Online Ads). I don't know whether it's effective or not because I use the Ad Blocker app for granularity purposes (I like the option to support sites). But it seems in general that Untangle users prefer to use Web Filter over Ad Blocker to block ads. For what it's worth.
    It works, a little too well. Enabling that category halts just about every ad online, but it also breaks a bucket of websites and mobile apps in the process.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Master Untangler
    Join Date
    Feb 2016
    Location
    Michigan
    Posts
    658

    Default

    Quote Originally Posted by sky-knight View Post
    It works, a little too well.
    Perhaps it does, but you don’t see a lot of community enthusiasm for Ad Blocker. The list provider has been bought off by the ad companies, the list is a subset of the Web Filter list, there are extra hoops to jump through to use it, etc. I think Ad Blocker provides the more nuanced tool, and whatever the reason, the only sites in my exclude list are sites I want to support.

    Regrettably, one or two sites I want to support still believe I’m blocking their ads and ask me to unblock them. I wish I knew better how the detection systems work.

    But I’m not interested in hijacking this thread . If mtarbox finds Web Filter to be smoothing the transition from PFSense, then perfect.

  8. #8
    Master Untangler
    Join Date
    May 2008
    Posts
    924

    Default

    You can still use pihole too. Maybe some day could include it, but I don't know if license would prevent that.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,298

    Default

    Quote Originally Posted by Sam Graf View Post
    Perhaps it does, but you don’t see a lot of community enthusiasm for Ad Blocker. The list provider has been bought off by the ad companies, the list is a subset of the Web Filter list, there are extra hoops to jump through to use it, etc. I think Ad Blocker provides the more nuanced tool, and whatever the reason, the only sites in my exclude list are sites I want to support.

    Regrettably, one or two sites I want to support still believe I’m blocking their ads and ask me to unblock them. I wish I knew better how the detection systems work.

    But I’m not interested in hijacking this thread . If mtarbox finds Web Filter to be smoothing the transition from PFSense, then perfect.
    I don't do ad blocking at all commercially, because of the support issues that come along with it. At home, I do it at the browser level because it's more convenient. It's nice to have options though, because policy manager means I can shove what I need into a special rack at will. And when you've got four kids in the house... you come up with reasons to need more racks QUICK!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Master Untangler
    Join Date
    May 2008
    Posts
    924

    Default

    Quote Originally Posted by sky-knight View Post
    I don't do ad blocking at all commercially
    Really? What about malware coming from ads? You must be doing something else for that.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2