I spoke with our network specialist who does our administration. He sent me a drawing of how the Untangle could work in our network.
See the drawing and let me know what you think.
From your drawing:
Set the external interface of Untangle with a valid IP address in your LAN. Set the default gateway to the internet router.
I erase the DMZ.
Leave the internal in bridge mode without an IP.
In networking/advanced/routes, add the static route to the MPLS network.
That's all from my perspective.
The world is divided into 10 kinds of people, who know binary and those not
I wrote to my network guy and this is what he wrote back.
"You shouldn't have to have a default route to the MPLS. We don't want Untangle to know about the MPLS whatsoever. You just want two interfaces in bridge mode without IPs to sit on the internet connection and one interface to the LAN to act as a management interface."
I didn't say default gateway to MPLS ("Set external interface of untangle with a valid ip address in your lan. Set default gateway to internet router."); I said static route, so UT knows the path to the MPLS network.
And in bridge mode there MUST BE one IP address in Untangle, on the external interface. It's like a managed layer 2 switch; it needs one IP address for management.
It's working!!!
Thanks everyone for being patient and walking me through this.
So this is what happened in the end.
Our internet went down and I called the ISP, and while trying to troubleshoot, he mentioned that we had more than two IP addresses available.
So I took the opportunity and got all the info, like IP Address, Subnet, Gateway and Primary/Secondary DNS Servers.
I entered all that info under static for the External interface and the internal into the switch where the firewalls are connected.
Now time to go reading in other threads about how to manage this thing from my desk and use the web filter, reports, etc.
Ummm, so what exactly are you filtering now?
You set up Untangle in router mode, with its own ISP-assigned IP address?
For now I've enabled Web Filtering.
So this is how it's set up.
(ISP Router)==>(UT Bridge Mode)==>(Firewall)==>(Switch)
The UT is assigned an IP available from the ISP Router.
I may still not be out of the woods.
1. I went to the reports module this morning and saw some activity from the firewall doing normal stuff, but the client IP was the firewall's address. So now I'm worried that all web traffic will only show the firewall's IP address.
2. Is there a way to look at the web traffic live, rather than wait 24 hours and look at a report?
If the FW is NATing, that's what'll happen.
Web filter settings, event log tab, auto refresh (on the bottom).
That's why I asked, I don't see how this layout will help as far as identifying individual client usage.
If there's one cable between the FW and the switch, there's no VLAN stuff between the FW and the switch, and the IP range doesn't change, put it there without changing anything on UT.