I do have OpenVPN app running on Untangle for the odd time that I need to connect, but haven't used it in a while. The app's report reflects that, showing no sessions in the past month.
The network layout is roughly attached (text didn't come through as forum removes excess spacing)
Note the wifi hotspots have a LAN network and a (built in) segregated Guest network. Otherwise no VLANs have been configured.
Last edited by adoucette; 11-16-2020 at 09:39 PM.
Is NAT checked on the External interface?
NAT Ext.png
Last edited by Jim.Alles; 11-16-2020 at 09:41 PM.
Yes. See screenshot.
(Also, IPv6 is set to disabled, so not sure how I've been seeing IP6 addressing in some of the reports, but that's probably not important.)
Ok, so OpenVPN isn't nailed-down somewhere, so that is not a factor.
A lot of device OSs and browsers are starting to use IPv6, so you will see it floating around inside a network.
I am not accustomed to an ISP giving out non-routable addresses when the modem is in bridge mode.
It isn't making any more sense, so I am going to take a walk. Have a good night.
Thanks for providing the details!
I don't think bridge was the correct term.Originally Posted by Jim.Alles
I just checked the modem to make sure that I had the right terminology. The modem is set on "IP Passthrough". My understanding is that this bypasses the modem's firewall etc and just passes the WAN IP to the Untangle box.
Is the ISP AT&T?
you may have missed a step. Push the [Renew DHCP Lease] button on the top right of the External interface edit pop-up.
You can add an IPv4 Alias to that External Interface at 192.168.1.65 so you can still administer the AT&T modem (once you get the WAN IP).
Do you have a BGW210 or BGW320 with AT&T Fiber?
If so, IP Passthrough mode can be a bit finicky to get started.
I set mine to "DHCPS-Dynamic".
Then I recommend this sequence of operations:
* Turn off Untangle.
* Reboot the Gateway. Wait for the Gateway to be up.
* Turn on Untangle.
Modems and gateways in bridge mode or IP Passthrough mode can be a bit finicky about detecting the one device they will give the WAN IP Address to.
Some like the BGW210 are capable of dealing private NATed addresses to hosts that didn't come first, which may be what you're seeing.
Correct, the ISP is AT&T and the modem is an Arris BGW210-700. How did you guess that?
The modem is set on "DHCPS-fixed" for the IP Passthrough.
I really haven't seen a problem with it dealing any NATed addresses to another host.
Other hosts cannot connect since the modem's WiFi is disabled, the Untangle box is the only device plugged into the modem's ports. In the passthrough screen, I select the MAC for the Untangle device's WAN port as the one to pass through to (only device that shows up in the dropdown list as it's the only device connected).
FWIW I also assigned a static IP to to the Untangle box, 192.168.1.65, and set that that as the "Default Server Internal Address" for the passthrough.
Those settings should be reflected in the screenshots below.
I have shut down untangle, power cycled modem (with 30 seconds off power), waited for it to come up, and restarted untangle. We'll see if any changes.
"IP Passthrough" is unique terminology for bridge mode. A quick Google search got me to a Medium article which is a little more generic 'documentation'.Correct, the ISP is AT&T ... How did you guess that?
https://medium.com/classic-mini-diy/at-t-fiber-using-personal-router-dmz-and-ip-passthrough-a-story-of-woe-5a79d916058a
I don't have experience w/ AT&T, so I don't have much more to add.
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote
