Page 3 of 6 FirstFirst 12345 ... LastLast
Results 21 to 30 of 60
  1. #21
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    Quote Originally Posted by dmorris View Post
    Thats exactly what it does.

    If you have 2 hosts A, B and a gateway G.
    Untangle will filter A->G and G->A and B->G and G->B but not A->B or B->A

    So just like a normal dedicated server, it sees inbound and outbound traffic only but not intranetwork traffic. (Performance issues aside, filtering intranetwork traffic would be problematic anyway)
    And therein lies the problem. If the real gateway thinks Untangle owns the internal IP address of the client. Which it would have to, in order to route the return packet to the UT server instead of the client itself. Then when the packet hits the UT and gets filtered, the UT then has to send out a new packet to the correct IP address and mac which is formed with the clients real MAC address so the return path makes it home.

    My point is the rest of the network has no clue what the "real" mac address is because you've overridden it making it all come to UT. Now, UT is "every client" it is "every IP" until UT fixes it to make the return path. This means "every communication" comes to UT on layer two. This means that if client A and client B try to talk directly they both will intern instead talk to the UT server. Now if the two clients are gigabit and the UT server is 10/100 all of a sudden the middle man can't keep up... Even in a purely 10/100 network you're forcing the single link that connections the UT to field every packet on the lan. So a 10 PC 100mbit network now has a small 10mbit logical pipe to talk to EVERY PC on the lan....

    Yes, this is a performance problem... Yes this will screw people up. Do you want me to draw a picture? This weekend if I can carve out the time I've been promising to test this for you guys I'll run some bandwidth tests.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  2. #22
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Quote Originally Posted by sky-knight View Post
    My point is the rest of the network has no clue what the "real" mac address is because you've overridden it making it all come to UT.
    There is your false assumption. Only the gateway needs to think the client's MAC is the untangle vm. The rest of the hosts know the real MAC address of the other hosts.

    ps - have you tried it?
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #23
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    Quote Originally Posted by dmorris View Post
    There is your false assumption. Only the gateway needs to think the client's MAC is the untangle vm. The rest of the hosts know the real MAC address of the other hosts.

    ps - have you tried it?
    My false assumption? You're the one that said it filtered in both directions. If all this thing does is spoof the mac of the gateway my entire problem doesn't exist but at the same time packets coming from the gateway to the lan aren't filtered. Unless you've managed to change an "arp broadcast" into an "arp unicast." Anyway I'm downloading the current beta now, really slow download so I have an hour or so before I can toss this on my laptop. From there I will inspect the arp tables of 2 clients and the UT server I have as a primary router. I'll find out very shortly exactly what it plays with and what it doesn't. My findings will be posted here, for everyone to read and I'm ready and willing to stand up and say I'm an ignorant overly paranoid git.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #24
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    Thanks to http://forums.untangle.com/showthrea...0387#post30387

    I lost my time to test this afternoon... if I don't collapse in a heap after this evening's service call I'll try it then.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #25
    Untanglit
    Join Date
    Jan 2008
    Posts
    16

    Default

    Hi all,
    I'm trying today, isn't succseefuly :-(
    Installing - OK.
    But, when reboot PC, systray, icon displayied Status:Starting
    I can't launch Admin console:

    ----------------------
    Python WNDPROC handler failed
    Traceback (most recent call last):
    File "untangle_systray.py", line 119, in OnInitDialog
    pywintypes.error: (0, 'SetForegroundWindow', 'No error message is available')
    Python WNDPROC handler failed
    Traceback (most recent call last):
    File "untangle_systray.py", line 119, in OnInitDialog
    pywintypes.error: (0, 'SetForegroundWindow', 'No error message is available')
    Unhandled exception in thread started by
    Traceback (most recent call last):
    File "untangle_systray.py", line 128, in Timer
    File "untangle_systray.py", line 136, in EndDialog
    pywintypes.error: (1400, 'EndDialog', 'Invalid window handle.')
    Unhandled exception in thread started by
    Traceback (most recent call last):
    File "untangle_systray.py", line 128, in Timer
    File "untangle_systray.py", line 136, in EndDialog
    pywintypes.error: (1400, 'EndDialog', 'Invalid window handle.')
    WARNING:root:error launching untangle client
    WARNING:root:error launching untangle client
    WARNING:root:error launching untangle client
    WARNING:root:error launching untangle client
    WARNING:root:error launching untangle client
    WARNING:root:error launching untangle client
    ----------------------------------------------------

    What I do wrong?
    Thanks for very good relase idea !!!!

    p.s I'm testing on machine: WinXP pro SP3, AMD Athlon X2 Dual Core 4200+, 2,0 GB RAM
    Last edited by bonus; 09-13-2008 at 10:57 AM.

  6. #26
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    Yeah my install on my laptop blew chunks as well. No errors, the thing simply won't start. It did slow my poor laptop down to a dog crawl before I managed to deinstall it.

    To be fair, this one was my fault. The requirements stated XP pro and I forgot my laptop is running Home. So I'm down again until I can find another machine to test this with.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #27
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    bonus,

    Let me ask around and see if one of the engineers has an idea. Thanks for the feedback!
    (edit: are you launch the admin client or opening the untangle console?)

    sky-knight,

    you finally installed it!
    (did you get your other issue sorted?)
    When you get your head above water we can help you troubleshoot why it might not be starting. Last I heard it should work on XP home...
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #28
    Untangler
    Join Date
    May 2008
    Posts
    518

    Default I must be missing the point.

    Windows by itself is unstable enough. Then to run in a vm on top of that? The only use I can see would be to protect a laptop on the road. I think it would be better to do that in windows itself. Well that might be too much work.
    I think it would be better to run windows in the vm on a stable os of your choice. Might even be less work that way. Just add the vm to the existing release?
    If you are running out of improvements to work on I could suggest a few. DNS working with AD would be nice to have :-)
    I hope it does what you are trying to do and does not take away to much from the real untangle products. Good luck and thanks for a great product.


    Don

  9. #29
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    Donhwyo with all due respect...

    Anyone that blanketly says Windows is "unstable" is simple demonstrating their ignorance.

    As for this process, the primary use I can see for this type of deployment is to demonstrate the Untangle product. If I can make the thing run on this laptop, and given I can turn it off and on at will, I can simply plug into a network and show the customer the thing running. So I really want my laptop to run this thing, yeah the box is home and I can't change that until next week when my Action Pack shows up.

    I'm going to try it on the laptop again later I think, I didn't exactly follow the prompts... and I'm thinking trying to launch the loader myself before I rebooted might have gummed up the works.

    Still the deinstaller needs work, it doesn't pull the VMWare out and the VM itself was still present after I had ran the uninstall for the Untangle.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #30
    Untangler
    Join Date
    May 2008
    Posts
    518

    Default

    I am just trying to figure out were this might be used and what advantages it might have. Thanks for the info about usage. Demo would be legitimate usage I didnt think of that. For a demo I think I would vpn to a real working machine and show that in action. Might work for home use but I think it would be overkill.

    My understanding is that Untangle is trying to be an industrial grade platform. Maybe I should have said Xp especialy not home is not a stable server platform by almost any measure. But I guess that is only comparing it to linux servers that run for months with no problems. I dont think either of my untangles have been rebooted for few a months. The only time I can remember was during a power outage that ran the ups down. The 2003 server is still having troubles from that. Exchange quit working, took 2 hours to get that going. Active directory still has goofy issues and black berry server is still not working because of ad. Going to have to rebuild it from a backup. But I guess windows is stable. 2 linux servers and untangle were running from the time the power was restored. The load on the linux boxes is far greater and on lesser hardware.

    But I am ignorant so dont listen to me.

    Don
    Last edited by donhwyo; 09-13-2008 at 04:33 PM.

Page 3 of 6 FirstFirst 12345 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2