Pix to untangle site to site VPN issue

**kkibodeaux** · 01-30-2009, 08:58 AM

Internet ---> Pix 515 ---> untangle ---> switch ---> server

We have the untangle set up in bridge mode. We have around 20 site to site VPN's setup. When I put the untangle in place everything working fine except for the traffic bound for the site to site vpns. Thanks in advanced for your help.

**sky-knight** · 01-30-2009, 09:41 AM

Welcome,

At this point your Untangle is seeing internal traffic as external. You need to create bypass rules for the network ranges you want to pass so the UVM doesn't just discard them.

**dmorris** · 01-30-2009, 11:20 AM

you or need to fix your network configuration (routing probably isn't right) especially if your vpns are on another subnet...

either way - we'll need more information probably...

welcome to the forums!

**kkibodeaux** · 01-30-2009, 01:22 PM

The default gateway on our network is a router that connects to our mpls network. In that router there is a static route all traffic not found in the routing table to the pix.
Example vpn.

Our internal network is 10.1.11.0/24 The address of the pix is 10.1.11.1.
The address of the untangle is 10.1.11.8.

One of the vpn's is on 10.1.0.0 with a subnet of 255.255.248.0

How would I set up the by pass rule for this vpn.

Kris

**kkibodeaux** · 02-12-2009, 01:28 PM

Can someone point me in the right direction to resolve the issue we are having.

**GuruLeeNyc** · 10-04-2009, 07:10 PM

Has anyone been successful in establishing a PIX-to-Untangle IPsec VPN tunnel? If so, please share your notes.

**Coldfirex** · 10-04-2009, 07:20 PM

Originally Posted by GuruLeeNyc

Has anyone been successful in establishing a PIX-to-Untangle IPsec VPN tunnel? If so, please share your notes.

Not currently possible as Untangle does not support IPSEC.

**sky-knight** · 10-04-2009, 08:28 PM

Yes and if you terminate an IPSec tunnel on the external side of an Untangle bridge you need to create a bypass for the VPN traffic or the bridge will stop the packets.

**ausnetit** · 10-21-2009, 09:28 PM

Originally Posted by kkibodeaux

Can someone point me in the right direction to resolve the issue we are having.

HI,

What is the UT DGW IP? is that 10.1.11.1?
What is the Client DGW IP?
What is the VPN Client DGW IP?
What is the Proxy server IP?
Can VPN Client ping the UT?

Thanks,

Thread: Pix to untangle site to site VPN issue

LinkBack

Thread Tools

Pix to untangle site to site VPN issue

Tags for this Thread

Posting Permissions