Results 1 to 7 of 7
  1. #1
    Newbie
    Join Date
    Mar 2018
    Posts
    5

    Default Allow all traffic between two separate non-WAN interfaces

    Hi,

    We have an Untangle box with one WAN i/f and two non-Wan i/f's on subnets 172.20.111.0/24 & 172.20.113.0/24 and we have noticed that, unless a client has recently signed in to the captive portal, that communication between devices on each subnet is restricted e.g. DNS, DHCP, file & print sharing, group policy etc..

    Please can you tell us whether there is a simple way to allow all traffic between two non-WAN i/f's so that captive portal sign-in is no longer required.

    Thanks in advance. Please feel free to ask for any info or clarification if required.

    Regards

    Julian

  2. #2
    Newbie
    Join Date
    Mar 2018
    Posts
    5

    Default

    Is the right way to do this config->network->filter rules then add a filter rule which selects Source Interface = any non-WAN and Destination Interface= any non-WAN and set action to Pass?

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,542

    Default

    By default all non-WAN interfaces can communicate with each other.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,218

    Default

    Yes, there is nothing to "allow", because it's on by default. If it's not working that's because it's not working, you need to figure out why. If it's blocked by the firewall or filter, it's because you configured it to be so.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Newbie
    Join Date
    Mar 2018
    Posts
    5

    Default

    Thank you both for your prompt replies.

    Since we are Untangle Partners and the box has a public sector complete licence would it be appropriate to use the live support feature to request assistance in resolving this issue?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,218

    Default

    Yep!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,196

    Default

    the key thing being missed here I think is the captive portal - OP says traffic passes between LANs if the user has recently signed in to Captive Portal

    So he needs a captive portal rule (under Passed Hosts->Pass Listed Server Addresses) that allows LAN to LAN traffic, or a better Capture rule that doesn't capture LAN to LAN traffic in the first place.
    Last edited by johnsonx42; 10-07-2019 at 07:33 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2