  1. #1
    Untanglit
    Join Date
    Oct 2008
    Location
    India
    Posts
    15

    Untangle virtual machine not forwarding traffic

    Hi,

    I have an issue here for which I would appreciate some help. We are running Squid on a virtual machine which proxies our corporate Internet access. I want to monitor/control the traffic going to/from Squid using Untangle by putting an Untangle Virtual machine in front of the Squid virtual box.

    To this aim, I have installed Untangle 701 as a virtual machine (VM) on VMware's vSphere host.

    The Untangle VM has two NICs configured for operating in bridge mode. The External interface of the Untangle VM is mapped to a physical interface of the vSphere host system. The internal interface is connected to an internal vSwitch (virtual switch internal to the vSphere host and not mapped to any physical NIC). Another virtual machine running the Squid proxy connects to the same internal vSwitch. Both the VMs are on the same VLAN. My setup looks something like this:

    External physical router -> Phy NIC of vSphere host -> Ext virtual NIC of Untangle VM -> Internal virtual NIC of Untangle VM -> vSwitch -> virtual NIC of squid VM

    Config of Untangle VM (bridge):
    IP: 192.168.41.106/24
    GW: 192.168.41.1

    Config of the Squid proxy:
    IP: 192.168.41.109/24
    GW: 192.168.41.1

    (The GW is the IP of the Switched Virtual Interface in the Cisco Router corresponding to the VLAN 192.168.41.0. All traffic exiting this VLAN goes thru this virtual interface configured on the cisco box.)

    I am able to communicate to the Untangle VM from the LAN and vice versa.

    I am not able to communicate from the Untangle VM to the Squid VM and vice versa. That is, I am not able to reach the Squid VM, and all Internet access gets dropped once Untangle is put in between.

    Any help / pointers to get this setup working would be greatly appreciated.

    Thanks in adv,
    Umakanth

  2. #2
    Untangler
    Join Date
    Dec 2008
    Location
    Southern California
    Posts
    89

    You're putting Squid behind Untangle?

    I wouldn't do that myself. Not that it shouldn't work; however, you lose a lot of user reporting and control, as all the traffic to Untangle from the internal would appear as coming only from the Squid proxy.

    Anyway, in your case, it could be that the upstream gateway IP address of Squid isn't the Untangle box. So you're bypassing Untangle from Squid.


  3. #3
    Untanglit
    Join Date
    Oct 2008
    Location
    India
    Posts
    15

    Issue resolved

    Thanks for your reply, Dipster.

    Yes, I am aware that all the Untangle logs show that the traffic is coming only from Squid. We use Squid both for caching and authentication, so the user and website access details are available in the Squid logs.

    Also, I tried changing the GW on Squid to point to the UT box, but it still did not work.

    After banging my head for a couple of days, I found out that the issue is not any config related to Untangle at all... it is something to do with VMware. In the setup I have, the VLAN associated with the vSwitch has to be configured to operate in promiscuous mode. Once this was done, UT worked like a charm.
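
Why the fix in post #3 works, as an added example that is not part of the original thread: a simplified model of a standard vSwitch port group, which delivers a unicast frame only to the vNIC whose assigned MAC matches unless promiscuous mode is on. The MAC addresses, port names and the two-port-group layout are constructed from the topology in post #1, and the model assumes the bridge uses its external vNIC's MAC and that forged transmits are accepted.

```python
from dataclasses import dataclass

# Constructed MACs (documentation range); none of these come from the thread.
ROUTER, UT_EXT = "00:00:5e:00:53:01", "00:00:5e:00:53:0a"
UT_INT, SQUID = "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"

@dataclass
class PortGroup:
    """Simplified port group: no MAC learning, the switch only knows the MAC
    assigned to each attached vNIC."""
    promiscuous: bool
    vnics: dict               # vNIC name -> assigned MAC
    has_uplink: bool = False  # True if backed by a physical NIC

    def deliver(self, dst_mac, ingress):
        """Names of the ports that receive a unicast frame entering at `ingress`."""
        out = [name for name, mac in self.vnics.items()
               if name != ingress and (mac == dst_mac or self.promiscuous)]
        # A frame for a MAC that is not a local vNIC leaves via the uplink, if any.
        if (self.has_uplink and ingress != "uplink"
                and dst_mac not in self.vnics.values()):
            out.append("uplink")
        return out

def build(ext_promisc, int_promisc):
    """Topology from post #1: router -> uplink -> Untangle ext | Untangle int -> Squid."""
    ext = PortGroup(ext_promisc, {"untangle-ext": UT_EXT}, has_uplink=True)
    internal = PortGroup(int_promisc, {"untangle-int": UT_INT, "squid": SQUID})
    return ext, internal

def untangle_reachable(ext_promisc, int_promisc):
    """LAN -> Untangle's own address: the destination MAC is Untangle's vNIC."""
    ext, _ = build(ext_promisc, int_promisc)
    return "untangle-ext" in ext.deliver(UT_EXT, "uplink")

def squid_reachable(ext_promisc, int_promisc):
    """Both directions must cross the bridge, which owns neither MAC involved."""
    ext, internal = build(ext_promisc, int_promisc)
    # LAN -> Squid: the external port group must hand Untangle a frame for Squid's MAC.
    inbound = ("untangle-ext" in ext.deliver(SQUID, "uplink")
               and "squid" in internal.deliver(SQUID, "untangle-int"))
    # Squid -> router: the internal port group must hand Untangle a frame for the
    # router's MAC; Untangle then re-sends it with Squid's source MAC.
    outbound = ("untangle-int" in internal.deliver(ROUTER, "squid")
                and "uplink" in ext.deliver(ROUTER, "untangle-ext"))
    return inbound and outbound

if __name__ == "__main__":
    for ext_p, int_p in [(False, False), (True, False), (False, True), (True, True)]:
        print(ext_p, int_p, untangle_reachable(ext_p, int_p), squid_reachable(ext_p, int_p))
```

In this model the symptom from post #1 (Untangle reachable, Squid not) appears whenever either port group has promiscuous mode off. Because promiscuous mode exposes every frame on a port group to each VM attached to it, it is best enabled only on port groups that carry the bridge's vNICs.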
