  1. #1
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    259

    HTTPS to DMZ from Anywhere?

    Need some help with this one. I have looked over the forums, searched Google and tried various options but can't seem to get this figured out. I have 3 NICs in an Untangle system: External, Internal and DMZ. I have a Public Wireless running on the DMZ using the Captive Portal, and everything is working fine on the internal, external, DMZ. I have set up a Firewall rule to block all traffic from the DMZ to Internal. The problem I am having is when I need to manage the Public Wireless Router on the DMZ, I can't unless I am physically connected to the Public Wireless network itself. What do I need to do to be able to either from Internal or VPN (or even External), connect to the HTTPS console of the Wireless Router? Thanks.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,174

    If you're using a typical SOHO wireless router to provide your wireless, this is a lost cause. Those units have an inbuilt firewall that prevents all but local segment access.

    You will need to replace the device with a wireless access point device that has configurable IP security.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    259

    The Wireless Routers on the Public DMZ network are all running the latest stable version of DD-WRT.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,174

    Then go kick it, DD-WRT has a configurable firewall to allow access. After that you just need to configure your firewall in Untangle to allow traffic to hit port 80 on the access point.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    259

    I had disabled HTTP access to DD-WRT, using HTTPS. The Public Wireless Router is not being used as a Router but rather as an Access Point, so the Remote Management is disabled (since the WAN is disabled). What I seem to have found is that it's not an issue with the Router but rather that Untangle is blocking any access to the DMZ from either the VPN or Internal. What can I do to confirm that?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,174

    SSH to Untangle, TCPDump on both interfaces and see if you can see the traffic drop.

    DMZ <> Internal LAN access on Untangle is an interesting thing. Sometimes you need packet filter rules to pass the traffic, then once it's busted wide open, you can use the firewall to lock down TCP/UDP and get the logs you need.

    If the packet filter is blocking the communications, there is no log of it... so troubleshooting it really requires SSH.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
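
    The two-interface capture suggested in post #6, as an added example that is not part of the original thread: it reads the text output of tcpdump from the Internal and DMZ sides and reports where the HTTPS handshake stops. The interface names (eth1, eth2), the AP address, the sample capture lines and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). On the Untangle box, capture both sides
# while retrying the HTTPS connection; eth1/eth2 and $AP are assumed names:
#   tcpdump -nn -i eth1 host "$AP" and tcp port 443 > internal.txt
#   tcpdump -nn -i eth2 host "$AP" and tcp port 443 > dmz.txt

# Count lines of a tcpdump text capture containing both literal substrings.
count_lines() {
    awk -v a="$2" -v b="$3" 'index($0, a) && index($0, b) { n++ } END { print n + 0 }' "$1"
}

# where_dropped <internal capture> <dmz capture> <AP IP> [port]
# Matches on the AP address only, so it still works if Untangle NATs the source.
where_dropped() {
    ap=$3; port=${4:-443}
    syn_in=$(count_lines "$1" "> $ap.$port:" "Flags [S],")
    syn_dmz=$(count_lines "$2" "> $ap.$port:" "Flags [S],")
    synack=$(count_lines "$2" "IP $ap.$port >" "Flags [S.],")
    if [ "$syn_in" -eq 0 ]; then
        echo "no-syn-on-internal"      # client traffic never reached Untangle
    elif [ "$syn_dmz" -eq 0 ]; then
        echo "dropped-inside-untangle" # packet filter or firewall rule dropped it
    elif [ "$synack" -eq 0 ]; then
        echo "ap-not-answering"        # AP firewall, or AP has no route back
    else
        echo "path-ok"
    fi
}

# Constructed sample captures (addresses are made up for the demo).
demo() {
    d=$(mktemp -d)
    cat > "$d/internal.txt" <<'EOF'
12:00:01.000100 IP 192.168.1.50.51514 > 192.168.2.2.443: Flags [S], seq 1000, win 64240, length 0
12:00:02.000100 IP 192.168.1.50.51514 > 192.168.2.2.443: Flags [S], seq 1000, win 64240, length 0
EOF
    : > "$d/dmz_empty.txt"
    cat > "$d/dmz_ok.txt" <<'EOF'
12:00:01.000300 IP 192.168.1.50.51514 > 192.168.2.2.443: Flags [S], seq 1000, win 64240, length 0
12:00:01.000900 IP 192.168.2.2.443 > 192.168.1.50.51514: Flags [S.], seq 5000, ack 1001, win 5840, length 0
EOF
    where_dropped "$d/internal.txt" "$d/dmz_empty.txt" 192.168.2.2
    where_dropped "$d/internal.txt" "$d/dmz_ok.txt" 192.168.2.2
    rm -rf "$d"
}
demo
```

    A "dropped-inside-untangle" result is the case with no log entry described in post #6; pass a fourth argument to check a port other than 443.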

  8. #8
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    259

    Trying a couple of different things, I exported the DMZ Network and was able to connect from the VPN to the Public Wireless Routers without any issues.
