Results 1 to 10 of 10
  1. #1
    Master Untangler
    Join Date
    Mar 2017
    Location
    France, Paris
    Posts
    134

    Default how to exclude a mac address from DHCP

    hi all

    my isp modem (192.168.0.254) has no bridge mode.
    To receive tv, i need DHCP on my ISP modem. So i just give it 192.168.0.1 to 192.168.0.2
    i also tell in the config interface to give 192.168.0.2 to my tv player.

    untangle is in router mode (192.168.1.1).
    Pb is that untangle gives an IP to my TV player. (192.168.1.2)
    And i don't want that. I want to exclude the tv player from DHCP.

    How should I do that please ?

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346

    Default

    Unplug the TV from your network.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Master Untangler
    Join Date
    Mar 2017
    Location
    France, Paris
    Posts
    134

    Default

    already did.
    Plug /unplug.
    Turn on/off.
    But the IP is coming from untangle.

    so i find a solution :
    I directly connect the tv player to the box.
    But this is something to add on future version. Possibility to exclude a mac address from the DHCP

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346

    Default

    You have this thing called a filter, and it can control stuff on that level.

    But devices connected to a network, will get an IP address from the appropriate DHCP server.

    If a DHCP server is handing out addresses to unexpected things, you have a problem with your physical network that needs addressing. This isn't a feature, this is a plug to cover up a bad network design. To put it more simply, you've done something fundamentally wrong.
    f1assistance likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Mar 2017
    Location
    France, Paris
    Posts
    134

    Default

    tell that to my isp, who doesn't let me use the bridge mode, who doesn't let me turn off the dhcp....etc etc etc.....

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346

    Default

    Your ISP has nothing to do with this.

    If you have a router connected to your ISP, IE Untangle, and devices connected behind that router. If you've connected things properly, it's impossible for anything behind Untangle to use an IP from in front of Untangle. Much less be serviced by the DHCP server there.

    If you want your TV to have an IP address controlled by the ISP router, then you connect it in the same logical position as Untangle. It's no longer behind Untangle, it's along side Untangle. And subject to the network defined by the router provided by the ISP. Untangle DHCP service doesn't operate via its WAN interface, the broadcast domain is separate, two networks exist.

    Your Untangle should be in bridge mode, but it isn't. And you've defined two networks, but you want to treat them as one. As I said before, fundamentally wrong. That isn't to say it can't work in this configuration, or that the configuration itself is inherently bad. It's just misunderstood. The wrong here is in your head, not the equipment. And your goals here are muddled as a result.

    So, if you want to understand. Please provide a more detailed network map. And explain what your goals are. We'll try to help walk you through it. But bring your patience, because this level of information exchange via forum is horribly inefficient.
    Last edited by sky-knight; 07-13-2019 at 09:20 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Master Untangler
    Join Date
    Mar 2017
    Location
    France, Paris
    Posts
    134

    Default

    i just applied what someone's told me in another thread.
    Use untangle in router mode, put in the dmz of my isp modem.
    and then, will be more easy to use vlans.

    So i did that, and i succeed to configure my vlan.

    i also find the solution for my tv (plug in directly to the ISP modem) as i wrote two posts before. it takes for now the good IP

    but now, you says that i should use bridge mode for untangle ?
    But i read everywhere, that configuring vlans in bridge mode is a pain in the ass ! (and i tried without succeeding ! a complete failure no matter what i did)

    i'm lost

    oh and sorry if i misunderstand something, but i'm not english.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346

    Default

    Yes I realize the language barrier is likely an issue here too.

    Yes, configuring VLANs with Untangle in bridge mode is... odd. Because you must terminate the VLANs on Untangle and bridge the two virtual interfaces to each other. This quickly creates the circumstance that makes multiple bridges in Untangle, and that won't work without WAN balancer and careful source routing!

    Which is a very long way to say, VLANs with Untangle bridges, are hard.

    So if your IPTV must be connected on the network segment provided by your ISP, then yes the simple solution is to directly connect it. That solves the TV problem, and it leaves the rest of your network to operate however you want it. But that doesn't have anything to do with limiting access to Untangle's DHCP server. Your issue wasn't the DHCP service providing an address to specific device, your issue was that device was connected to the network in the wrong place!

    You could run the TV through Untangle, but you'd need to have a dedicated interface to bridge to external, that way the ISP network bridges through Untangle on that dedicated port, and you can plug the TV into that extended network.

    You also might be able to get the TV to work behind Untangle, on Untangle's provided network, but you'd need to disable NAT on External. That way the ISP router can see all IP addresses. But for that to work, the ISP router needs a static route for the IP ranges behind Untnagle or traffic halts. This is a far more advanced configuration and we're back to things being hard again.
    Last edited by sky-knight; 07-13-2019 at 09:53 AM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #9
    Master Untangler
    Join Date
    Mar 2017
    Location
    France, Paris
    Posts
    134

    Default

    but is it wrong to have untangle in router mode in my case ?
    Am I doing what "experts" call "double nat" something ?

    i saw that if i want to access my nas with my domain name, i have to open the port in my isp modem to my untangle and then open it on my untangle to my nas.

    is it really bad ? but i don't really have a choice actually, if i want vlans
    will be much easier if my isp let me do what i want to do !

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,346

    Default

    That depends on your definition of the word bad.

    For me, my definition of bad means the solution is harder to maintain over time than another. I want the simplest, easiest to support solution I can possibly get away with while also having things work the way I need them.

    Double NAT injects considerable additional failure points, and can make things more difficult to troubleshoot.

    So a better question is, does this solution meet my needs?

    No one can answer that question but you. You are the only voice of authority on your personal standards.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2