Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,192

    Default

    Quote Originally Posted by exup1000 View Post
    Well after trying to stick it out with the whitebox router from Telstra, due to some limitations, I have put back the UT box and will live with the odd outage.

    As I have the free version of UT I dont think I can enable the WAN failover app, that is part of the paid service I think.

    anyway thanks for helping.
    WAN failover by itself is pretty cheap, I have a client who has that as their only paid module. their backup WAN is so slow there's no use to run WAN balancer too, it's strictly a backup for when (not if) the primary wan goes down.

    that said, I suspect WAN Failover wouldn't help you anyway without changes from your ISP. probably you'd need separate bridge for the backup connection, then you could connect both connections to separate interfaces on the untangle (or use a little smart-switch to VLAN them onto a single physical interface) and use WAN Failover to handle them

  2. #12
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Quote Originally Posted by sky-knight View Post
    I can't tell you if Untangle makes more sense or not. I use Untangle not for stability, but control. It is a UTM after all. And yes, ISP routers fry... they do that.

    But the fact remains that there is no such thing as an multi-wan bridge!

    So if you want Untangle to be a router to define the edge of your network independently of the ISP it can be done. You just then use Untangle as a NAT'less router, behind the ISP's router that is also doing multi-WAN. If your configuration is what I think it is, all this requires is to configure the ISP router with a LAN IP range that is different than you real LAN, statically or dynamically configure Untangle's external interface to work within that IP range, and uncheck the NAT box on the WAN interface.

    But if you aren't using Untangle to be well... Untangle... what's the point indeed!

    And as a matter of theory crafting, another possible idea would be to connect two WAN interfaces on Untangle to the ISP gear and see if you can't get each one to attach to a specific Internet connection. If you can bridge two separate WANs into Untangle, and then enable Untangles multi-wan features, that would work. But that's a mighty big if.
    Perhaps I should try this as suggested by Sky-Knight. But may need a little help.

    1) I put the whitebox router back in front of my UT box and leave whitebox as default settings from ISP. That is its handing out DHCP to the LAN say on 192.168.1.0/24
    2) I put my UT Box WAN connection into the whitebox router, but setup up DHCP on my UT box to hand out DHCP to my LAN on 192.168.0.0/24
    3) Uncheck NAT on my UT WAN interface, but can leave it to receive Dynamic IP from the Whitebox. (Even if it toggles between Cable and Sim/WWAN)

    Would I need to turn off the firewall on the white box to allow VPN connections handled by UT
    Would DNS by set and managed by my UT box still or would whitebox over write this?
    Client on LAN sends DNS request to UT, UT then send request to the whitebox, whitebox then uses its own DNS server to resolve?
    What is the technical name for this sort of setup so I can study up on it a bit more?
    Would Dyn DNS work from UT box still?

    Cheers

  3. #13
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,184

    Default

    Why would you make Untangle a router? Make it a bridge, and save your sanity.

    Making OpenVPN work behind your ISP router is the same either way. Just forwarding UDP 1194 to Untangle, and making a static route in your ISP router for the OpenVPN address pool, and aiming it it at Untangle.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #14
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Ok but then I can't set a custom DNS in the white box router. It only had a drop down list.
    Time to purchase a home licence for UT and use the wan fail over.

  5. #15
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,184

    Default

    No...

    You CANNOT USE WAN FAILOVER! You're stuck with a single WAN device that thinks it's two.

    So if you want a fully functioning DHCP server from Untangle then yes you're stuck with router mode. But, as soon as you disable NAT, you'll need a static route in your ISP router for the network behind Untangle, aimed at the nearest Untangle interface. So for sake of being easy, you might want to just leave NAT running.

    Untangle will route to the ISP router, and presumably, the ISP router will always route out a working WAN.

    Unless that ISP router can bridge each internet connection to a VLAN... then Untangle multi-wan can take over. But I suspect the device can't do this, if it can't give you basic control over DHCP.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #16
    Master Untangler
    Join Date
    Oct 2013
    Posts
    140

    Default

    Going back to the original scenario, OP mentioned that even with the CPE device in bridge mode, he can just click the DHCP refresh on UT WAN interface to re-establish internet connectivity, whether it be the CPE switching from cable to SIM or vice versa.

    If that is accurate, I would think that rebooting the CPE makes UT lose its WAN IP address and eventually acquire a new one once the CPE is up and reconnected. If so, maybe you can use a device such as the one below to automatically power cycle the CPE whenever the internet goes down?

    It's quick and dirty, but I think it could get the job done. And you still get to keep UT to do NAT and all the Layer-3 and up magic.

    https://www.amazon.com/ezOutlet2-Int...gateway&sr=8-5

  7. #17
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Quote Originally Posted by sky-knight View Post
    No...

    You CANNOT USE WAN FAILOVER! You're stuck with a single WAN device that thinks it's two.

    So if you want a fully functioning DHCP server from Untangle then yes you're stuck with router mode. But, as soon as you disable NAT, you'll need a static route in your ISP router for the network behind Untangle, aimed at the nearest Untangle interface. So for sake of being easy, you might want to just leave NAT running.

    Untangle will route to the ISP router, and presumably, the ISP router will always route out a working WAN.

    Unless that ISP router can bridge each internet connection to a VLAN... then Untangle multi-wan can take over. But I suspect the device can't do this, if it can't give you basic control over DHCP.
    Sorry maybe I was not clear, I will disconnect the ISP router and connect directly to the Cable modem. But move or isolate the ISP router that will now only have a SIM in it and perpetually be in backup mode. Then if Cable modem goes down UT switches to the ISP modem SIM. Maybe my poor network diagram might explain this.
    The ISP may not like this but hey worth a try.

    failover mode.jpg

  8. #18
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,510

    Default

    OpenVPN is sticky to the WAN as long as it is connected. There would have to be some script to recycle the tunnel when the main WAN is back up and connected.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #19
    Newbie
    Join Date
    Jan 2016
    Posts
    7

    Default

    Quote Originally Posted by jcoffin View Post
    OpenVPN is sticky to the WAN as long as it is connected. There would have to be some script to recycle the tunnel when the main WAN is back up and connected.
    Hi, thats ok, VPN connections are rare and short lived. But will test to see what happens if it moves to fail over mode, gets a new address then Dyn DNS gets updated, will see how long it takes to re-establish.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2