Page 4 of 4 FirstFirst ... 234
Results 31 to 35 of 35
  1. #31
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    When looking over your original diagram, I noticed that at each site you had a router between the internet and your Untangle boxes, both on the same IP address subnet. How do you have Untangle configured? As a Router (default and recommended config) or as a Transparent Bridge?

  2. #32
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    Maybe so, when I upgraded several of my sites, I was unable to get 9.4 clients to connect to a 10.x server even after reviewing the articles which you mentioned ... so I have adopted the policy of always doing the remote sites first and then the main site, which means reconnecting the remote sites since there is no OpenVPN upgrade from 9.4 to 10.x or later. Or just doing everything at once which isn't always possible.

  3. #33
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    Thank you guys for your comments and recommendations.

    Asnswering chmcwill question, untangle is configured as Transparent Bridge on each site.
    Bytes Solutions
    www.bytes-solutions.com

  4. #34
    Master Untangler BytesSolutions's Avatar
    Join Date
    Dec 2010
    Location
    República Dominicana
    Posts
    205

    Default

    I have tested the ports TCP 443 and UDP 1194 status at each location and found the following:

    Port 443 is open at two locations where I can access UT boxes remotely, but it is closed at third location where I can't reach UT box remotely.

    Port 1194 is closed at the three locations.

    I have opened these two ports at each location router, so they all should remain open.

    I have opened a ticket with the ISP to identify if for any location these ports are closed even thought I have opened them.

    Do you think this could be the reason why these three locations are not connecting?
    Bytes Solutions
    www.bytes-solutions.com

  5. #35
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,081

    Default

    If Untangle is a bridge, the router in front of it has to be configured with a proper routing table or bad things are going to happen. Honestly, with this complex of a VPN setup, you're doing yourself a massive disservice by using that model.

    I suggest you replace the routers with something VPN capable, and be done with it. Untangle can do that job, many things can do that job, but operating a VPN terminator behind a NAT device is just asking for trouble!

    You need the routes to be correct, all port forwards correct, all your VPN settings correct, and your ISP needs to not block something. If any of these four conditions isn't perfect, WHAM the entire thing falls down.

    And, because Untangle isn't at the edge of your network, we can't suggest anything to test if the packets are actually impacting your WAN interface.

    Which brings us back to you opening a support case with Untangle, and praying they can see enough into your situation to fix this.

    I could fix this, I know I can. But I can't do that via a forum post. And I can't teach you the skills needed to do it via forum post either.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 4 of 4 FirstFirst ... 234

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2