Results 1 to 6 of 6
  1. #1
    Untangler
    Join Date
    Oct 2013
    Posts
    34

    Question Untangle to untangle...

    Hi we use untangle for our main firewall. We are looking to use it for customer VPN's etc as a firewall between their networks and ours.. I have configured our main UT to have a 10Gb connection to the vpn UT. So a lan interface from one UT is going to a LAN on the customer UT. On the customer UT we have it set as a default GW to the customers network.

    Configuration wise I think I need a route from the our main UT to the customer UT ?

    How can we send traffic though both to the end user?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,059

    Default

    Use IPsec or OpenVPN to create a tunnel between the two Untangles.

    Tech Talk on OpenVPN https://www.youtube.com/watch?v=vyKPXcsJ1oE
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Oct 2013
    Posts
    34

    Red face

    Quote Originally Posted by jcoffin View Post
    Use IPsec or OpenVPN to create a tunnel between the two Untangles.

    Tech Talk on OpenVPN https://www.youtube.com/watch?v=vyKPXcsJ1oE

    hi, Thanks - The machines sit next to each other in the rack is the VPN still the best way or could they go direct?


    Cheers

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,633

    Default

    You can go direct, you just need two statically configured interfaces on the same IP network and plug them in.

    After that, BOTH Untangles will need static routes for any networks beyond the "other" Untangle, targeted at the IP address on the static interface set above. OR, you'll need to get dynamic routing working.

    No changes to any other interface are required... no changes to clients, their default gateways, or anything else. The two Untangle servers should be connected to each other, NOT each other's networks.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler
    Join Date
    Oct 2013
    Posts
    34

    Default

    Quote Originally Posted by sky-knight View Post
    You can go direct, you just need two statically configured interfaces on the same IP network and plug them in.

    After that, BOTH Untangles will need static routes for any networks beyond the "other" Untangle, targeted at the IP address on the static interface set above. OR, you'll need to get dynamic routing working.

    No changes to any other interface are required... no changes to clients, their default gateways, or anything else. The two Untangle servers should be connected to each other, NOT each other's networks.
    Awesome - So currently the link to this new UT will come out of a LAN connection on IP 192.168.100.1 This the IP of the existing UT ( connecting to the new UT ). Then on the same point to point 10GB network, I have the LAN IP of the new UT set to 192.168.100.254. Then any customer connections will be WAN connections from that UT. So lets say the customer is on a WAN connection 192.168.167.1 GW of 192.168.167.254
    So I guess I will need a route from our existing UT to say if you want 192.168.167.x go via 192.168.100.254 Is that right? How would that look in the config?

    Sorry i think i have brain ache on this one

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    23,633

    Default

    I need a map...

    And once again, the two Untangles should be separated by a dedicated network. They should not be linked directly to the other side's LAN. Doing so violates the separation between the entities, it also makes the routing table lopsided.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2