Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Untangler
    Join Date
    May 2010
    Posts
    62

    Default Want to know possiblity before installing

    Hi Everyone,

    I recently heard about this product and I'd like to implement it at my compnay (50 PC's)

    Here is how my network is configured hopefully I can illustrate it properly with Text.

    Internet and Business Data are on separate connections.

    Internet -> H/W Firewall (Dual for redundancy) -> Switch
    MPLS -> Connected to same Firewall as above -> Switch (Same Switch)

    Here is the question

    Can I put the Untangle server between the Internet & Firewall

    so Like this Internet -> Untangle -> Firewall(s) and use it as a bridge?

    I cant see how I can put it after my firewall

    Internet -> Firewall(s) -> Untangle -> Switch <-- The problem with this would be

    1. If Primary Firewall fails, backup firewall would kick in and it would not be monitored by Untangle.

    2. Both Internet and Business data would flow through Untangled.

    If I could put untangle before the firewall as a bridge it would be ideal. but I dont know if it would work or capture the data its supposed to.

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    I would not put untangle outside any NAT device.
    This will cripple it in many ways as all internal traffic will come from one IP.

    It needs to be on the inside of NAT.

    #2 is probably a better option.

    Welcome to the forums!
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    May 2010
    Posts
    62

    Default

    I'm using a Dell Optiplex 745 - Dual Core, 2GB Ram, 80GB HD. It has one internal NIC and I've installed a Intel Server Nic with Dual RJ45s.

    Untangled comes up with the Dell Builtin as (External) Intel Port A as Internal and Port B as DMZ.

    I would rather not have all the data flow through the Untangled if I could help it.

  4. #4
    Untangle Ninja proactivens's Avatar
    Join Date
    Sep 2008
    Location
    Greensburg, Pa
    Posts
    2,362

    Default

    You cant help it. All traffic must flow through the untangle bridge. I am guessing that you don't want to do this because it renders your redundant router setup useless if untangle fails, correct?
    www.nexgenappliances.com
    Toll Free: 866-794-8879
    UNTANGLE STAR PARTNER
    Follow us at spiceworks!

  5. #5
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,371

    Default

    Analog:

    There is a lot of missing info for me.
    You said that have a redundant system of firewalls that manage 2 connections? or have only one firewall whit wan failover?
    What type of traffic flow under normal use in each connection?
    What its "bussines data"? A service app publish over internet or connection to branch offices?

    Answering this questions sure generate more answer, but i believe Untangle fit to your needs at the end of the way.
    The world is divided into 10 kinds of people, who know binary and those not

  6. #6
    Untangler
    Join Date
    May 2010
    Posts
    62

    Default

    proactivens: correct.

    dwasserman:
    I'll do my best to describe it.

    We have two types of connections.
    1. Internet
    2. MPLS (VPN Tunnel) to Branch Office

    and they are connected like this.

    1. Each connection Internet and MPLS first connect into small unmanaged switches separately. These switches act as a Bridge to the firewall.

    2. Each unmanaged switch, than have connections to Two Firewalls, Backup and Primary.

    3. From Firewall two Connections are made to our Main Switch (Cisco Catalyst) which distributes the data to the rest of the office.

    So if Primary Firewall Fails. Backup Firewall kicks over and everything is good.

    I could connect my Untangle PC between the Primary Firewall and Cisco Switch. But this means all data will be monitored and I dont really care to do that, I just want to monitor the internet traffic.

    I hope I described this properly.

    PS: MPLS is managed by AT&T out of our U.S. Office, I'm in Canada.
    Internet is provided by Local ISP.
    Last edited by Analog-X64; 05-05-2010 at 05:59 PM. Reason: More info.

  7. #7
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,371

    Default

    So MPLS its a private network for branch office, they have internet through their own ISP or through the ISP in main office in Canada?, or in other words, you need to protect with untangle the U.S. Office also?

    This is close to your network?Attachment 2598
    The world is divided into 10 kinds of people, who know binary and those not

  8. #8
    Untangler
    Join Date
    May 2010
    Posts
    62

    Default

    Quote Originally Posted by dwasserman View Post
    So MPLS its a private network for branch office, they have internet through their own ISP or through the ISP in main office in Canada?, or in other words, you need to protect with untangle the U.S. Office also?

    This is close to your network?Attachment 2598
    Branch office have their own ISP and they managed all that localy. The only reason we have MPLS to Branch office, is so we can access ERP System via Citrix and databases.

    Your illustrations is almost perfect to what I have just on the WAN side I have Two switches one for the network and one for the MPLS.

  9. #9
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,371

    Default

    Maybe adding a little switch between the 2 firewalls and the main switch permit insert untangle in bridge mode


    firewall1
    |
    |
    switch---firewall2
    |
    |
    untangle
    |
    |
    main switch
    The world is divided into 10 kinds of people, who know binary and those not

  10. #10
    Untangler
    Join Date
    May 2010
    Posts
    62

    Default

    Quote Originally Posted by dwasserman View Post
    Maybe adding a little switch between the 2 firewalls and the main switch permit insert untangle in bridge mode
    That may work or may not, Firewall 1 and 2 each connect to specific Ports on the Cisco Catalyst.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2