Results 1 to 7 of 7
  1. #1
    Master Untangler
    Join Date
    Jan 2009
    Posts
    119

    Default Untangle as a virtual Barracuda

    I have been on here before and heard this suggestion is not possible. Deploying an Untangle virtual machine and using it as a virtual Barracuda Antispam,Anti Email Virus appliance.

    I am wondering why this would not work? I have a server that runs VMWare Server 1.0.8 with 5 VM's for a company. It has more than exceeded our expectations, ensuring that your foundation physical machine is a solid one which ours is. We never have to reboot the real machine.

    With that, couldn't one make a Virtual Appliance of the Untangle system (download the one available) assign two virtual nics, direct the SMTP and POP3 ports from the router to the Untangle system, from Untangle to Exchange?

    Sorry if this has been discussed before, I am not very technical in this area at all and there may be something obvious I am overlooking.

    Thank you for your time!

  2. #2
    Untangle Ninja proactivens's Avatar
    Join Date
    Sep 2008
    Location
    Greensburg, Pa
    Posts
    2,372

    Default

    I dont know that port forwarding from your router to untangle, and then from untangle to your exchange would work. In theory, it could, I just dont know if it will.

    Usually, Untangle needs to be in the data path. If you had a physical machine, you could literally plug it in right in front of the exchange and use it that way, as a bridge.

    (GATEWAY----->Switch----->untangle----->Exchange

    Since your visualizing, you cant get into the data path. I would say give her a try and see if she works the way your proposing. It would be interesting if it does, but I have my reservations.
    www.nexgenappliances.com
    Toll Free: 866-794-8879
    UNTANGLE STAR PARTNER
    Follow us at spiceworks!

  3. #3
    Newbie
    Join Date
    Mar 2009
    Posts
    9

    Default

    Quote Originally Posted by proactivens View Post
    Usually, Untangle needs to be in the data path. If you had a physical machine, you could literally plug it in right in front of the exchange and use it that way, as a bridge.

    (GATEWAY----->Switch----->untangle----->Exchange

    Since your visualizing, you cant get into the data path. I would say give her a try and see if she works the way your proposing. It would be interesting if it does, but I have my reservations.
    It will work. I'm doing the same thing except as an ISP. From your GW fwd the ports to the IP of your UT-VM. In the UT-VM create the appropiate NAT, Firewall, and Port forwarding entries. NOTE: You _may_ need to modify IP ranges and VLANS.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,229

    Default

    You can scan incoming mail with a UT router... and creative port forwarding out of line...

    Emphasis on the creative, there are a lot of moving parts and the mechanism is rather fragile.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Jan 2009
    Posts
    119

    Default

    Hello,

    Long time no response and I see that UT is now up to 602 from 541 when I made this post.

    Looking at the "Untangle Virtual Appliance" (http://wiki.untangle.com/index.php/U...ance_on_VMware)

    Would this be the best step towards achieving a Barracuda type UTM environment? I guess I should explain my environment. After reading the above URL I started seeing stars and passed out, heheee. Kidding, but it was a bit too much for me.


    Environment:

    Business Class DSL
    Broadcomm Modem
    Router/Firewall (In this case a Linksys WRT 54GL with DDWRT v23SP2)
    Two physical servers, identical, running Windows 2003 Server x32 R2 Sp2
    (Server1 - VMware Server 1.0.9 with three VM's, all windows, in a domain)
    (Server2 - VMware Server 1.0.9 with two VM's, all windows, in the same domain)

    I am downloading the Untangle Windows Virtual Appliance 602

    Desired Goal:
    To start up the Untangle VA, place it on Server2 as a VM, have all users and server go through the Untangle VA so that they can benefit from its features. I want to keep the Linksys Router. I would prefer to not have to configure the workstations and servers gateway but understand I may have to. I would be happy if I could, at a minimum, use the Untangle VA to receive info from the Linksys router (Ports 25, 100) to scrub email first, then have the Untangle VA push that data onto my Exchange in the environment.

    Do I need to setup two nics for the Untangle VA? Wouldn't one be ok as long as it had a single local IP address?

    The environment operates on a local IP range of 192.168.0.x

    Sorry for sounding like a dunce on this. Its a little complicated and I will be attempting this soon. I am just uncertain on the Untangle VA portion, how to toss info to it, then have it toss the info to the appropriate servers while our current Router/Firewall stays put.


    Thanks!

  6. #6
    Master Untangler
    Join Date
    Jan 2009
    Posts
    119

    Default

    I just placed a Bridged/In Line old laptop with Untangle 602 on it now. Works great! Really, what a neat piece of equipment and so far no issues but I will be doing testing for 30 days or more.

    I am now starting to understand how it works. I may nix my "Barracuda" virtual project but I might also try it out as well. Seems a bit tricky and I am not exactly sure how to do the dual virtual nics, but I may give it a go soon enough.

    Thanks for any tips ahead of time on the nics if you have any.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,229

    Default

    You can't go wrong with Intel... unless you get one that is too new. Most other venders sell software interfaces that don't perform very well under load.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2