Results 1 to 5 of 5
  1. #1
    Untanglit
    Join Date
    Nov 2008
    Posts
    24

    Default Bridged Untangle server blocking private space ips.

    Hello,

    I have an Untangle server setup for testing with my network.

    We have a Cisco GW Router which connects to a masterswitch, which connects various pieces of equipment and other switches as well.

    I setup a test lab, with the same settings as my network, and installed the untangle server to test. The server is in bridge mode. I ran into this issue:

    Public space devices such as pcs and servers, have no issues. The pcs and servers on private space ips cannot get out or past the untangle server. Give the device a public ip and it works fine. The GW router does our natting for those private space ips if they need internet access. I think the Untangle server has a setting I need to change, but I can't find it.

    Anyone here know of the setting I'm missing? I would have thought bridge mode would allow this traffic by naturally, but apparantly not.

    thanks in advance.

  2. #2
    Untangler
    Join Date
    Nov 2008
    Posts
    83

    Default

    Verify that the NIC card facing the Cisco router has a private IP address matching the IP address format you have for your internal network. The internal NIC card should not have an IP address when configured in bridge mode.

  3. #3
    Untanglit
    Join Date
    Nov 2008
    Posts
    24

    Default

    Quote Originally Posted by wtangle View Post
    Verify that the NIC card facing the Cisco router has a private IP address matching the IP address format you have for your internal network. The internal NIC card should not have an IP address when configured in bridge mode.

    so, like a secondary ip on a Cisco router, assign a private space ip to the Untangle server as well?

    Is there another way to do this without having to add all the subnets? While my test network is pretty simple, we have quite a few different subnets actually in use and management doesn't want to have to give the server an ip from each subnet if possible.

    Also, using the untangle server as a router is not an option.
    Last edited by doberry; 12-01-2008 at 07:02 AM. Reason: update

  4. #4
    Untangler
    Join Date
    Nov 2008
    Posts
    83

    Default

    Quote Originally Posted by doberry View Post
    so, like a secondary ip on a Cisco router, assign a private space ip to the Untangle server as well?
    That's correct. The Untangle's ip should be in the same subnet as the private space ip given to the router. I believe Untangle will only recognize traffic within it's own subnet.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,497

    Default

    Untangle isn't a bridge, it's a b-router.

    So you have to give it routes to all the subnets you need it to communicate with or it can't figure out where to send the packet. That is why it's dropping stuff.

    Normally speaking all you have to do is specify a static route for each subnet...

    But, that doesn't always fly in the bridge install for some reason. Personally if I was doing this I would just setup a couple of IP spaces just for untangle, put the thing into router mode, turn off NAT, and route my internet traffic through it.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2