Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15
  1. #11
    Untangler
    Join Date
    Jun 2008
    Posts
    60

    Default

    "Untangle 9 is a different version. If you want to use 9, then use it.
    Otherwise, how it behaves is irrelevant and seems to be confusing you."


    So my explanation above regarding why I'm using external vs. internal is wrong? If so, can you help me understand how?

    "I would configure it correctly and then figure out why it does not work. I would not just try settings and see which ones work."

    I am trying to configure it correctly, but I can only do that if I fully understand how this is supposed to work. Any use of trial and error up to this point has been in an effort to figure out how it works. I am not trying to jam a square peg into a round hole.

  2. #12
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605

    Default

    Quote Originally Posted by soccerextreme View Post
    Those hosts live physically behind the local side of the Untangle box along with their default gateway (e.g. 10.168.25.1). However, in order for those subnets to route to 10.168.100.x they have to talk to the Cisco ASA which is behind the external interface of the Untangle box. I think this is why my existing Untangle server has its static routes pointing out the external interface. If I change one of the routes to point out the internal interface then all my devices on that particular subnet (e.g. 10.168.25.x) go offline, and as soon as I point the route back out the external interface then the devices on that subnet come back online.

    With the new Untangle server the devices on the other subnets (e.g. 10.168.25.x) aren't ever able to see the Untangle box or get online no matter which direction I point the static routes. Not sure why this is the case when the static routes work fine on my old Untangle box.

    Does this make sense? I can draw a diagram if you think that would help.
    Yes, at this point, I think I diagram would help. Is the default gateway (10.168.25.1) a device?

    is 10.168.100.1 the ASA?

    just use aliases, that will give NGFW the addresses you need.
    If you think I got Grumpy

  3. #13
    Untangler
    Join Date
    Jun 2008
    Posts
    60

    Default

    Thanks @Jim.Alles for the reply! Here's a diagram that I just threw together specifically for this conversation. With regards to the aliases do you mean something like this (see additional screenshot)?

    diagram.jpg

    alias.PNG
    Last edited by soccerextreme; 07-08-2015 at 05:48 PM.

  4. #14
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605

    Default

    Ok, that is a start. There is a Cisco 3925 router with one line to it. I don't know what that means.

    I don't see 10.168.101.55 or 10.168.101.56 in the drawing. I don't know Cisco, so I am a little out of my comfort zone.
    If you think I got Grumpy

  5. #15
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,414

    Default

    Cisco is irrelevant, it's a router.

    To make any recommendations, we'll need a complete IP map, we need to be able to see the entirety of the layer 3 divisions that form the network. How any specific piece of equipment is configured, or even what it is at this point is irrelevant. The reason you're confused as to what a proper configuration is, is because you're confused as to how to properly carve up layer 3. We might be able to help you, but we can't do anything without a complete picture.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2