Results 1 to 10 of 10
  1. #1
    Newbie
    Join Date
    May 2020
    Posts
    3

    Question IPsec VPN and Management Access

    Hi all,

    I was able to get a site to site IPsec tunnel stood up between two Untangle 15 appliances however if I rely on the IPsec tunnel I cannot access the Untangle management IP at the remote site. All other systems on that same remote network are available. My IPsec configuration is set so that the management network is what is defined in both devices as the remote network. I have to then connect over an OpenVPN connection to regain access to the management interface. I checked the firewall reports and I don't see anything blocked from my local workstation IP. What am I missing?

    Thanks all

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,741

    Default

    I would use Command Center to remotely access each box as it does not rely on any site to site. https://www.untangle.com/cloud/command-center/

    As to your issue, you will need to add rule to allow access to the HTTP or HTTPS interface from the IPsec interface in /admin/index.do#config/network/advanced/access_rules. Also if you changed the ports of the GUI, you will need to add that to the URL.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    May 2020
    Posts
    3

    Default

    Noob here, how exactly do I access that file? SSH? I run PRTG at my house and want to be able to collect stats of the remote unit.

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,741

    Default

    That is a GUI URL https://<your LAN IP>/admin/index.do#config/network/advanced/access_rules
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Newbie
    Join Date
    May 2020
    Posts
    2

    Default

    Quote Originally Posted by skialta30 View Post
    Hi all,

    I was able to get a site to site IPsec tunnel stood up between two Untangle 15 appliances however if I rely on the IPsec tunnel I cannot access the Untangle management IP at the remote site. All other systems on that same remote network are available. My IPsec configuration is set so that the management network is what is defined in both devices as the remote network. I have to then connect over an OpenVPN connection to regain access to the management interface. I checked the firewall reports and I don't see anything blocked from my local workstation IP. What am I missing?

    Thanks all
    01.you will need to add rule to allow access to the HTTP or HTTPS interface from the IPsec interface
    02.open port (443) in your ISP(gateway) router

  6. #6
    Untangler
    Join Date
    Jan 2019
    Posts
    31

    Default

    i was just trying this myself but noticed i don't see IPSEC as an interfece. I can see L2TP and GRE and also OPENVPN but no IPSEC?

    I am also able to see the 6 tunnel VPN's i have created as well.

    Any ideas?

  7. #7
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,012

    Default

    It's an app that needs to be installed.
    If you think I got Grumpy

  8. #8
    Untangler
    Join Date
    Jan 2019
    Posts
    31

    Default

    Quote Originally Posted by Jim.Alles View Post
    It's an app that needs to be installed.

    So currently I have IPSec working between two devices, but I have same issue where I can’t access management of the remote device.

    I was looking to update the ACLs but noticed when I select an interface I don’t see IPSEC as an option.

    Am I missing something? Do I need to install another app?

    Thanks

  9. #9
    Newbie
    Join Date
    May 2020
    Posts
    3

    Default

    Same with me, I see L2TP and GRE also but not IPsec. All of that being said, I think we need two conditions to make this work, correct? The first being the interface (should be IPsec, right? but it's not listed). Since we still have to define the port, would we select the Destination Port?

  10. #10
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,012

    Default

    Oh, sorry.

    Tunnels are not consistently treated as 'interfaces' in NGFW.
    The SD-WAN product is much better at it.

    However, I am not experienced with IPsec.
    from the wiki entry:
    https://wiki.untangle.com/index.php/IPsec_VPN#IPsec_Tunnels

    It looks like it will be the interface you selected to be associated w/ IPsec. (probably WAN)

    Somebody let us know if it works, please. (or correct me ;)
    Last edited by Jim.Alles; 05-20-2020 at 02:38 PM.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2