Results 1 to 4 of 4
  1. #1
    Untanglit
    Join Date
    Apr 2017
    Posts
    24

    Default Accessing services on Untangle via IPsec Site-to-Site VPN?

    I have a working site-to-site tunnel between my Untangle box and a Unifi USG.

    I can access my DVR, my ESXi server and other services behind the Untangle box.

    I would like to be able to use the Static DNS Entries on the Untangle box for some devices on the USG network. However, when I set the IP of the Untangle box (10.0.1.1) as the DNS server on any of these devices in the USG network, I cannot resolve any of the entries I have added.

    Also, I am unable to access the Untangle GUI on 10.0.1.1 from any device on the USG network.

    Do I need to set firewall rules/access rules for this to work? If so, which interface is the IPsec tunnel on?

  2. #2
    Master Untangler bluechris's Avatar
    Join Date
    May 2016
    Location
    Athens, Greece
    Posts
    135

    Default

    I think you need to add some allow firewall rules in usg controller because i dont think untangle since you are connected to it cuts anything by default.
    Im not 100% sure for the above so maybe a more knowledge guy can step in.

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,296

    Default

    Yeah, I'm not too sure either because it's been awhile. But as far as I know all of the pass behavior built into the access rules applies to VPN interfaces just the same as it does on the LAN interfaces.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Untanglit
    Join Date
    Apr 2017
    Posts
    24

    Default

    I figured it out, I did have to make access rules on the Untangle box for it to work.

    Didn't change anything on the USG.

    Here are the rules I made.



    I restricted access to just my Macbook for now. I assume I can just change the "Source Address" to 10.10.0.0/24 to open up the GUI and DNS to all devices in the USG network (10.10.0.0/24)?

    Out of curiosity, why did I have to make these rules for this to work?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2