Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17
  1. #11
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,557

    Default

    Push DNS Configuration has nothing to do with full vs split tunnel, that's imply what DNS services are being used to resolve names. Incidentally, push DNS configuration means nothing in site-to-site tunnels as well because the remote Untangle has its own DNS configured.

    In short, these settings do exactly jack to impact how your traffic actually flows. Your PBX needs to know that the IP network on the far side of the site-to-site tunnel is on the "internet" so it can perform SIP adjustments, and your phones need to have STUN configured so the proper IP address is defined. I'm not even sure how all of that will actually work in this scenario because most STUN implementations are looking for the INTERNET IP address on both sides, not the LAN IP of Untangle.

    On second thought you don't need STUN, you actually want the phones reporting the local address for this to work, so throw that away. But you still need the extensions configured as "remote" extensions.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  2. #12
    Master Untangler
    Join Date
    Aug 2008
    Posts
    370

    Default

    Ok so you are not saying it it is a band-aid solution or not. I will assume it is not.

    Bottom line is that it works fine with Full Tunnel selected without any other special configuration on the PBX so I leave it at that.

  3. #13
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,557

    Default

    And I'm saying that's a bug because as far as I'm aware that setting means nothing to a site-to-site tunnel. And if it DOES mean something that means the remote site is getting all internet connectivity via the VPN tunnel. Which may be OK, but in most cases is a huge bandwidth bottleneck.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #14
    Master Untangler
    Join Date
    Aug 2008
    Posts
    370

    Default

    Quote Originally Posted by sky-knight View Post
    And I'm saying that's a bug because as far as I'm aware that setting means nothing to a site-to-site tunnel. And if it DOES mean something that means the remote site is getting all internet connectivity via the VPN tunnel. Which may be OK, but in most cases is a huge bandwidth bottleneck.
    I did a test and the remote site does not get its internet connectivity via the VPN tunnel.

  5. #15
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,557

    Default

    Then I would say you need to open a ticket, because that check box isn't doing what it's supposed to be doing. This will likely get fixed later and you'll end up with broken phones again. Best to figure it out now.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #16
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Indeed, full tunnel is just ignored by remote sites.
    It only works on remote endpoints (like windows, mac, linux, ipads, etc) that support those options.

    Push DNS Configuration has nothing to do with full tunnel/split tunnel.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  7. #17
    Master Untangler
    Join Date
    Aug 2008
    Posts
    370

    Default

    Thanks for the confirmation Dirk. With all the testing/research I did including a IPsec VPN setup that is what I concluded.

    As well I already found that Push DNS had nothing to do with the full/split tunnel.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2