Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15
  1. #11
    Master Untangler Sam Graf's Avatar
    Join Date
    Feb 2016
    Location
    Michigan
    Posts
    927

    Default

    In Untangle's OpenVPN setup, you can only "export" the Server's network. However, in a site-to-site configuration of the type Network, you do make the server aware of the remote subnet. So the requirement is that the subnets are unique.

    Screenshot_2020-02-17 Annie's Baked Goods, LLC - u25xw.png

    ...that are using the same subnet. Every subnet which is joined to the VPN via routing must be unique.

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,185

    Default

    There is never a circumstance with any VPN that allows for VPN ranges to duplicate. That's TCP/IP 101.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    1,712

    Default

    Quote Originally Posted by Sam Graf View Post
    In Untangle's OpenVPN setup, you can only "export" the Server's network.
    Server's network(s). You can make an entry for any subnet NGFW has.
    Last edited by Jim.Alles; 02-17-2020 at 10:18 PM.

  4. #14
    Newbie
    Join Date
    Feb 2020
    Posts
    9

    Default

    Thanks all, for clarity I tried it with the remote network exported and without but always with remote network defined as per Sam Graf's pic above. I will see how the IPsec VPN goes and if I have further issues look to move over to OpenVPN and post a new thread in that forum. Overnight the current connection has stayed up (1 lost packet out of nearly 9000), the stat counter to show how much data has gone through the untangle has reset so I read that as a successful re-authentication. Hopefully adding in the host to ping on each side was the missing part of the puzzle. One thing that wasn't clear was what the ping settings are on the IPsec app. You add in a remote host and a ping frequency, I set this to 30 (which is the maxmimum). I can't tell if that's 30 minutes or seconds, equally what are the parameters around how long it waits for a response or how many pings have to fail before it considers the tunnel broken?

  5. #15
    Master Untangler Sam Graf's Avatar
    Join Date
    Feb 2016
    Location
    Michigan
    Posts
    927

    Default

    Quote Originally Posted by Jim.Alles View Post
    Server's network(s). You can make an entry for any subnet NGFW has.
    That’s correct. I was more interested in noting that we could get lost in the semantics of “export,” which proved to be the case. We export, strictly speaking, server side but we also “export” client side. I didn’t want the no-no to cause confusion for future readers.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2