  1. #21
    Untangle Ninja Jim.Alles
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    reset.

    This isn't going to 'fix it', but your troubleshooting is hampered by a misunderstanding - your 'static assignment' doesn't work like you think it does.

    You used Untangle's "add static DHCP entries" under advanced / DHCP server. You are telling UT's DHCP server (which is dnsmasq) to provide a specific IP address when a client asks for one via DHCP. It doesn't turn anything off, anywhere.

    As was said:
    jcoffin
    If the Untangle does not have any interfaces bridged to the External NIC, then there is something wrong with your Untangle configuration if you can see DHCP server sessions from the Comcast modem. NAT should block all incoming sessions.
    It doesn't matter whose modem it is.

    Your issue is not like anyone else's anything - let's get back to basics here.
    • please read this
    • please show us YOUR network diagram.
    • please tell us what version of UT you are running.
    Last edited by Jim.Alles; 04-20-2014 at 01:42 AM. Reason: choice of words
    If you think I got Grumpy

  2. #22
    Newbie
    Join Date
    Apr 2014
    Posts
    1


    Quote Originally Posted by SirBC View Post
    So, it just gets weirder. And Comcast is saying it's Untangle's fault.

    After the issues outlined above, I just went and assigned every device a static IP (via the Untangle add as static) so that computers/devices wouldn't even try and pull an IP. Problems went away. However, I was still seeing the 10.1.10.1 DHCP server in addition to Untangle's 192.168.1.x, it just wasn't causing any issues so I ignored it.

    Today, I built a new computer, brought it online and of course it pulled a 10.1.10.x IP before I could give it static IP in Untangle. Here is where it gets weird. I ran arp -a and the mac address is not that of my Comcast modem. So I logged into the Comcast modem on my new computer and it shows a different public static IP as well as a different MAC address as my own Comcast modem. I have two computers sitting side by side, both connected to my network with a wired connection, back to the same switch, and one shows a different public IP address than the other.

    Also, other modem settings are different, with the "rogue" modem having a different firmware version and DHCP turned on; so I must be logged into my neighbor's (?) modem. How is that possible? There currently are no wireless access points on my network and I'm connecting to my network with wired connections.

    My home network is pretty simple. I have about 10 drops, and at this time, no wireless access points. So two computers, both going back to the same switch, which is attached to my Comcast modem with DHCP turned off, and one shows a different public IP address than the other. How is it even possible that I can log into some other customer's Comcast modem (Comcast has confirmed that it is another customer's modem)?

    Comcast almost couldn't wrap their heads around this. We spent around 90 minutes on the phone and they confirmed, by looking at the MAC address, that it isn't my modem. They said they were not allowed to tell me whose modem it is, but it is under a different account than mine with an address that is not mine. However, according to them, since I have my Comcast modem bridged with my own "firewall", the problem must be on my end with a misconfigured firewall. I explained that the way I was going to fix this was to simply turn off DHCP on my neighbor's (?) modem, which would solve my problem but likely not help my neighbor's network. They said they would escalate to tier 2 and call me back.

    Is there any scenario under which Untangle could be contributing to this problem?

    Yeah you shouldn't be getting someone else's MAC modem address.

    FYI, when you are getting Comcast Business's single WAN Static IP package, what you're really getting is two WAN static IPs. One static IP is assigned to your Comcast SMC/NETGEAR box and one WAN static IP to do with what you wish. Note, the IP that's assigned to the Comcast SMC/Netgear box is normally your gateway address for the 2nd static.

    Anyway, to avoid what's happening with your current network, you're best off redoing your network diagram since it seems it's not the best setup for your situation.

    Hopefully, Comcast replaced your SMC router with the new Comcast Netgear One since the SMC one is a bit flaky. Plus the Netgear box supports DOCSIS 3.0 protocols vs SMC DOCSIS 2.0 protocols.

    Why don't you try using this network diagram setup as long as your Untangled Device has two NIC cards. (One NIC should be assigned WAN Static IP that comcast provides for you [NOT The WAN IP that's assigned to your Comcast Router]; the 2nd NIC should be assigned for your LAN) If you don't have two NIC cards; go get one)

    RG6 cable from Wall --> Comcast SMC/Netgear router --> Untangled Router WAN Port with WAN Static IP --> (from 2nd NIC LAN Port Untangled Router) --> Your Switch-> to whatever other devices (your 10 drops) etc...

    If you do this network diagram setup, everything is behind untangled firewall. Make sure you set up the DHCP server on untangled to hand out IPs on the 2nd NIC.

    This setup should be a lot better than your current setup and you avoid the rogue DHCP Server that's happening on your network.

    If you have any questions just let me know.

  3. #23
    Untangle Ninja Jim.Alles
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469


    To the O.P.: how does WiFi figure into all of this?
    If you think I got Grumpy

  4. #24
    Master Untangler SirBC
    Join Date
    May 2008
    Location
    San Carlos, CA
    Posts
    115


    Quote Originally Posted by haykong View Post

    Anyway, to avoid what's happening with your current network, you're best off redoing your network diagram since it seems it's not the best setup for your situation.

    Hopefully, Comcast replaced your SMC router with the new Comcast Netgear One since the SMC one is a bit flaky. Plus the Netgear box supports DOCSIS 3.0 protocols vs SMC DOCSIS 2.0 protocols.

    Why don't you try using this network diagram setup as long as your Untangled Device has two NIC cards. (One NIC should be assigned WAN Static IP that comcast provides for you [NOT The WAN IP that's assigned to your Comcast Router]; the 2nd NIC should be assigned for your LAN) If you don't have two NIC cards; go get one)

    RG6 cable from Wall --> Comcast SMC/Netgear router --> Untangled Router WAN Port with WAN Static IP --> (from 2nd NIC LAN Port Untangled Router) --> Your Switch-> to whatever other devices (your 10 drops) etc...
    Thanks Haykong. My current setup is as you outlined above:

    Internet ---> Comcast modem (DHCP off/Firewall off) ---> Untangle External NIC ---> Untangle in Router Mode ---> Untangle Internal NIC ---> Switch ---> Computers/Printers (DHCP enabled).

    The setup for Untangle Networking/Interfaces/External has the Default Gateway with the IP (x.x.x.5) that the Comcast modem has for the WAN IP address (x.x.x.5) while the primary IP address and netmask is the other static IP Comcast gave (x.x.x.4/30). This had been chugging along with no issues for the last 4+ years and I've only recently started to notice this rogue DHCP server issue.

    They have not yet replaced the SMC modem, hopefully when Tier 2 calls me back they will try that. However, when I unplug my modem, I can still see the rogue server (another Comcast modem) handing out 10.1.10.x IPs...

    Quote Originally Posted by Jim.Alles View Post
    To the O.P.: how does WiFi figure into all of this?
    I do have an access point connected to the switch with DHCP turned off. However, when I started troubleshooting this I disconnected it just to rule out the possibility of any rogue APs on the network.



    Below are my bypass and packet filter rules for my Untangle version 9.4.2 (all set to default I believe):



  5. #25
    Master Untangler SirBC
    Join Date
    May 2008
    Location
    San Carlos, CA
    Posts
    115


    Wow. I figured it out.

    When I logged into the "rogue" Comcast modem and listed the connected devices, one of them was helpfully labelled with my neighbor's last name. I just recently noticed that he had the same security camera in his backyard that I do. And they use powerline networking...

    So our networks are being bridged on the internal interface. I've confirmed that unplugging my powerline adapter removes the rogue DHCP server. I'm not really sure how to fix it though, seeing as my neighbor and I seem to be on the same power circuit.
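
    The check this thread did by hand, as an added example that is not part of the original post: parse DHCP replies seen on the LAN and report any server identifier (option 54) that is not the expected one. The 10.1.10.1 address is from the thread; 192.168.1.1 as the Untangle server address, the offered addresses, and all function names are assumptions made for the example.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
OFFER, ACK = 2, 5             # option 53 values that only a DHCP server sends

def parse_reply(payload):
    """Return (msg_type, server_id, offered_ip) from a UDP 67/68 payload, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    offered = str(ipaddress.IPv4Address(payload[16:20]))   # yiaddr field
    msg_type = server_id = None
    i = 240
    while i < len(payload) and payload[i] != 255:          # 255 = end option
        if payload[i] == 0:                                # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                                    # truncated option header
        code, length = payload[i], payload[i + 1]
        data = payload[i + 2:i + 2 + length]
        if len(data) != length:
            return None                                    # truncated option body
        if code == 53 and length == 1:
            msg_type = data[0]
        elif code == 54 and length == 4:
            server_id = str(ipaddress.IPv4Address(data))
        i += 2 + length
    return msg_type, server_id, offered

def rogue_servers(payloads, authorised):
    """Map each unauthorised server identifier to the addresses it handed out."""
    found = {}
    for p in payloads:
        parsed = parse_reply(p)
        if not parsed or parsed[0] not in (OFFER, ACK) or parsed[1] is None:
            continue
        if parsed[1] not in authorised:
            found.setdefault(parsed[1], []).append(parsed[2])
    return found

def build_reply(msg_type, server, offered):
    """Constructed sample packet: BOOTP reply header plus options 53 and 54."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ipaddress.IPv4Address(offered).packed, bytes(4),
                      bytes(4), bytes(16), bytes(64), bytes(128))
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server).packed
    return hdr + MAGIC + opts + b"\xff"

# Constructed replies: one from the LAN's own server, two from the 10.1.10.1 server.
SAMPLES = [build_reply(OFFER, "192.168.1.1", "192.168.1.50"),
           build_reply(OFFER, "10.1.10.1", "10.1.10.23"),
           build_reply(ACK, "10.1.10.1", "10.1.10.23")]

if __name__ == "__main__":
    print(rogue_servers(SAMPLES, {"192.168.1.1"}))
```

    Running the same check with one segment unplugged at a time (as was done here with the powerline adapter) shows which link the unauthorised replies arrive over.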

  6. #26
    Untangle Ninja sky-knight
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491


    I told you... it wasn't coming from outside. I was about to suggest you unplug everything but a single station just to prove it.

    I've never seen a powerline over ethernet item make it through two breaker panels... but if it's happened in your case that just made those devices rather insecure. Do yours support any form of encryption? The newer models I've worked with do, and that's likely the only way to fix the problem short of not using powerline tech.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #27
    Master Untangler SirBC
    Join Date
    May 2008
    Location
    San Carlos, CA
    Posts
    115


    You were right

    It looks like it does support a security key, so I should be good to go.

    Thanks all for the help.

  8. #28
    Untangle Ninja Jim.Alles
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469


    Although distance does affect the signal with powerline transmission technology, the main limiting factor (attenuation) is the transformers, in this case, on the pole in the neighborhood. It will serve maybe 1-6 customers in most cases.

    This is completely different from many commercial environments, where 'three phase power' can make it seem that it won't make it across breakers in the panel, but the signal is really contained on the phase that that circuit is connected. There are always three transformers with three phase (commercial) power.

    Congratulations on solving a real troubleshooting challenge!


    and happy Easter, everyone!

  9. #29
    Untangle Ninja sky-knight
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491


    Jim, to be fair I was referring to residential power. I have never, nor will I likely ever, utilize powerline Ethernet technology in a commercial application. If I need a wire, I pull a wire!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #30
    Untangle Ninja Jim.Alles
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469


    Alright, I am busted - for making the assumption.
    If you think I got Grumpy
