Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Cannot PING

  1. #1
    Master Untangler etrigan63's Avatar
    Join Date
    Dec 2006
    Location
    Miami, FL
    Posts
    101

    Default Cannot PING

    Hey gang, recently had to promote my Untangle box from Transparent to full router/firewall to accomodate multiple static IP addresses. I have added a PASS rule to the firewall to allow PINGs but I still cannot ping my server from the outside. What am I doing wrong?

    Also, if I port forward my servers do I have to open the ports on the firewall as well or will the port forward take care of that?
    Last edited by etrigan63; 08-15-2007 at 07:18 PM. Reason: Thought of something else...

  2. #2
    Master Untangler richie's Avatar
    Join Date
    Apr 2007
    Posts
    391

    Default

    hi etrigan63.

    if box is doing NAT, try setting redirect rules from the router module.

    Yes. port forward will do the trick. unless, the firewall global settings is set to block, then you need to create pass rules for those ports.

  3. #3
    Master Untangler etrigan63's Avatar
    Join Date
    Dec 2006
    Location
    Miami, FL
    Posts
    101

    Default

    Okaayyy...

    So I have to port forward my Untangle box (which is my edge device) to allow pings?

    Also, I ran a Shields Up test against the firewall and failed miserably. What am I doing wrong and what can I do about it?

  4. #4
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    The Shields Up test actually did not fail. Refer to a post titled "Firewall - Stealth Ports" last responded to 4 days ago. The Untangle FIREWALL is not allowing traffic to pass through those ports, but is not hiding them either (as firewall users are accustomed to). The ATTACK BLOCKER would prevent intrusions. As was mentioned in the post I referred to, the ability to hide/show ports will likely be tunable in the future.

  5. #5
    Untangler vanpatrick's Avatar
    Join Date
    Nov 2006
    Posts
    69

    Default

    About the Shields Up test, the results you're seeing aren't valid... have a look at this thread for more info: http://forums.untangle.com/showthread.php?t=186

  6. #6
    Master Untangler richie's Avatar
    Join Date
    Apr 2007
    Posts
    391

    Default

    Quote Originally Posted by etrigan63 View Post
    Okaayyy...

    So I have to port forward my Untangle box (which is my edge device) to allow pings?
    i could not replicate the issue you are having on our lab. external ip including the the aliases should respond to ping. what i am suggesting before is to do a ping redirect ( on Router > Port Forward ) from external interface or alias going to internal host. sorry for the confusion

  7. #7
    Master Untangler etrigan63's Avatar
    Join Date
    Dec 2006
    Location
    Miami, FL
    Posts
    101

    Default

    OK, more network details are needed here.

    I have a business DSL account with AT&T which gives me 5 static IP's. I elected to go this route to circumvent an issue with the Remote Access Portal mangling Outlook Web Access on my Exchange 2007 server. Sadly, my day job requires secure web pages to be on port 443 and I could not access RAP from work otherwise (or perform remote server administration or access OWA either).

    The only way to get this to work with the Netopia router AT&T sent me was to set it as an Ethernet MAC bridge and have my Untangle box handle PPPoE. This part works fine.

    Where things get dicey is as follows: I have been assigned a static IP range from 74.169.172.104-111. 104 is network, 105 is gateway, 111 is broadcast. I have assigned 106 for Untangle access and 107 for mail/ftp/OWA. PPPoE assigns a dynamic IP but I have to use the statics. I have 105 set as the external address and 106&107 as aliases. Is this correct?

    I cannot ping any static address. I can ping the dynamic one assigned by PPPoE but none of the static aliases.

    VPN passthrough is now hosed until you deliver Untangle 5.1. I hope to beta that soon.
    Last edited by etrigan63; 08-16-2007 at 11:18 AM.

  8. #8
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    There is a block ping checkbox for each interface under config->support->interfaces

    (this will move location in 5.1)
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #9
    Master Untangler etrigan63's Avatar
    Join Date
    Dec 2006
    Location
    Miami, FL
    Posts
    101

    Default

    None of the "Block Ping" boxen are checked and I can ping if I ping the PPPoE dynamic address, not the static addresses. Mind you, everything else (mail, OWA, RAP, Remote Admin, FTP) works I just can't ping.

  10. #10
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Hmm... so the issue is that you can ping the main address, but not the aliases?
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2