Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Untangler
    Join Date
    Sep 2007
    Posts
    31

    Default untangle internet access issues

    I'm using the current version of untangle (fresh install) and have it as the the firewall and router/nat device for about 5 classrooms, 150 computers or so in all.

    My problem is that at random times throughout the day it seems like it locks up on the internal side, no internet access, no dhcp service.. ect. but you can log into it just fine during these times from either inside or outside and it responds very very quickly as it always does in working times. This lasts around 5-10min on average but there has been sometimes where i have to actually restart the untangle then all is well again.

    The reason for the untangle is to isolate some of our public labs/classrooms from the rest of our network and to stop all the broadcast traffic coming from these labs. On average according to my net-enforcer the untangle uses sustains around 1mb of traffic but sometimes jumps to 10 or so (youtube, myspace, downloading) so it isnt much traffic at all. we have a 30mb pipe and see no slow down there and the rest of the campus works just fine.

    specs:
    dell optiplex 745
    core2duo 2.0ghz dual core
    3gigs 667 ddr2
    80gig sata harddrive
    2 10/100 3com network cards (untangle didnt recognize the onboard)

    I really need this working so any help is greatly appreciated! thanks!!!

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Can you run 'cat /proc/loadavg' and 'free -m' during the time when its not working on the untangle server.

    I'm interested in the load and memory usage.
    (Given your hardware it should be fine)
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    btw, you can also look back at past events with atop

    atop -r /var/log/atop.log

    hit 't' to go forward 10 minutes, and 'T' to go back 10 minutes
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untangler
    Join Date
    Sep 2007
    Posts
    31

    Default

    ok i will run that as soon as it does it again, prolly wont be till tomorrow though when im working again.

    im sure the mem and cpu usage will be plenty low seeing as how speedy it even when it goes down. if it helps any i had it running as a virtual machine on a computer of the exact same specs but with different network cards with the EXACT same issue and using less than 10% cpu average during load times and not much ram either.

    can the untangle get overloaded with broadcast easily? the labs have a product called "synchroneyes" made by SMART on all of the computers so the teachers can monitor all the sudents in the class, this puts out ALOT of multicast/broadcast traffic (it was messing up the rest of our network, thats why we are isolating the labs because the teachers wont give up this software despite its terrible design)


    also, ive tried an old sonicwall, a spare astaro 220, and even a smoothwall 3.0 and they all seem to be working fine but we would like to go more open-source and i like the untangle distro alot more than the smoothwall. thanks!!!

  5. #5
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    I would check your Attack Blocker event log and also start logging intensive protocols such as BitTorrent. See if someone in the lab has something else happening besides coursework.

  6. #6
    Untangler
    Join Date
    Sep 2007
    Posts
    31

    Default

    my log doesnt really show much, not that i can understand atleast, ive turned off attack blocker yesterday but somehow its still updating the eventlog and even includes a few drops here and there from the internal and external but not alot.

    as far at other people doing stuff i dont think thats very likely the way it was setup was a deny all as the last rule and only allowed port 80 and 443, and the teacher computers were allowed email and thats it.

  7. #7
    Untangler
    Join Date
    Sep 2007
    Posts
    31

    Default

    ok heres a link to my report briefing to see if you can find anything weird in it if anybody is interested.

    http://www.pbpcrx.com/daily_briefing.pdf

  8. #8
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Looks pretty normal to me
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #9
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    You need to turn on Protocol Control and Web Filter and set up some logging for both. You need to quantify via those two exactly why your firewall is blocking 80% of your traffic between 0800-1130, and why 99% of your UDP traffic is being blocked. I would also assume that you have some heavy bandwidth users, but you need data to work with. You haven't enabled that. Some detailed reports would also be good until you can get a handle on it.

  10. #10
    Untangler
    Join Date
    Sep 2007
    Posts
    31

    Default

    ok ill go ahead and re-enable those things. i disabled them because i was afraid that the untangle was getting overloaded.

    also what is being blocked so heavily is the software i talked about earlier.. its on all the computers and is constantly searching for teachers and peers, its a type of remote desktop for the teachers to see what the students are doing, thats why we took it off our network because of the sheer amount of crap traffic being send everywhere.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2