Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default Untangle 8.0 DMZ Issue

    Have two sites which are running public wireless on a DMZ, one is using the Captive Portal the other is not. When Untangle was updated to version 8, the onboard NIC was lost and I had to manually reinstall the driver. One site I clicked through the Interfaces to accept the changes but even after restarting the Untangle box, I can't get out from the DMZ. This is the site that is not using the Captive Portal. I can connect to the Access Point on the DMZ, connect to Untangle on the DMZ, when I turn off the Firewall rules which block access between the DMZ and the Internal Network, I am able to get traffic to pass but still can't get any traffic out over the DMZ. Internal and WAN traffic works without any issues. The other site, I did not click through the Interfaces, manually reinstalled the onboard NIC driver, it's running the Captive Portal and working without any issues on the DMZ. Both systems are essentially the same, hardware, untangle, etc.

    I have Configuration, Networking, Advanced, General - Only NAT WAN traffic checked (default), Packet Filters - Allow DHCP Requests from the DMZ interface unchecked (default). DHCP Server and DNS Server are disabled on the Untangle box (internal server providing DHCP and DNS, DMZ Access Point providing DHCP with DNS going to the ISP). The DMZ wireless client's show connect to the Access Point and their IP Address shows in the Advanced, ARP Entries.

    Any assistance would be greatly appreciated. I really don't want to have to reinstall Untangle on this box again.

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    I would try these steps from the DMZ: http://wiki.untangle.com/index.php?t...ternet_is_down

    (The ones that apply anyway)

    If you are manually installing drivers you must turn off upgrades.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    All the steps under "On the Untangle server" work.

    Under "On a client behind untangle", when connected to the DMZ I am able to Ping all the Untangle IP Address but not the Untangle Gateway. I am able to access the Admin interface.

    All the steps under "On a machine outside the network" work.

  4. #4
    Untangler RatKnight's Avatar
    Join Date
    Nov 2010
    Location
    Shepherd University
    Posts
    57

    Default

    Nat.
    I am a Networking and Security Student. So, if I am wrong about something, please feel free to point it out. We learn from our mistakes, not from being right :)

  5. #5
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by chmcwill View Post
    I am able to Ping all the Untangle IP Address but not the Untangle Gateway.
    Thats the key.
    What are the IPs and netmasks of all parties involved?
    Is DMZ bridged to external?
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    External: Static (wan)
    IP Address: 24.106.9.14 / 30
    Gateway: 24.106.9.13
    DNS: 209.18.47.61, 209.18.47.62

    Internal: Static
    IP Address: 10.0.0.254 / 24

    DMZ: Static
    IP Address: 10.0.2.1 / 24

    Based on the above, I expect that the DMZ is not Bridged to External.

  7. #7
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    Any ideas on how I could figure out why the DMZ interface is not able to reach the Untangle Gateway but the other interfaces are? The only other option I have is to reinstall the box but I am concerned that doing so will either make me have to reset all the OpenVPN clint's or if I backup and restore the configuration, I am going to be back in the same spot again.

  8. #8
    Untangle Ninja raditude's Avatar
    Join Date
    Jan 2009
    Location
    Eugene, OR
    Posts
    1,143

    Default

    As RatKnight asked did you add any NAT entries for your DMZ?

    You can do a backup of the configuration and that preserves the OpenVPN information as well on restore.

  9. #9
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    No, some Port Forwarding from External to Internal for remote access and email, OpenVPN Client's and Static IP Address on the DMZ, everything else default as per original installation. I have one client working and this one not. Thanks.

  10. #10
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Quote Originally Posted by dmorris View Post
    What are the IPs and netmasks of all parties involved?
    .
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2