Page 1 of 3 123 LastLast
Results 1 to 10 of 21
  1. #1
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Arrow (Solved) How does Untangle Reports work with my Router?

    Hi,

    I'm not very technically minded about Untangle (or any Linux distro's)... Hoping for a very simple answer.

    As you can see from My Network Diagram, I have installed an Untangle Server between my Modem and Router.

    It seems to work fine and I'm very excited about my new security. Mainly Snort; I was originally looking for a way to try out Snort on Windows XP, when I came across Untangle, my jaw hit the floor!

    I would just like to know if there is any changes I should be making in my Router's settings (BR-6216Mg) or should I just leave them as they are?

    The reason I ask this, is because I'm finding the 'Untangle Reports' quite confusing. I'm not sure if the 'Untangle Server' will be able to work out Which Internal IP (192.168.*.*) is accessing 'What and When' so that it can create appropriate Reports associated to each Internal IP...

    I am thinking that anything beyond my Router (WAN wise) such as the 'Untangle Server' (and the Internet) will not see my Internal IP's... Am I correct, and what should I do about it if so?

    My ISP is 'Virgin Media' (AKA NTL UK): DSL

    I can post any information required, although I will have to lie about MAC address's & Internal IP's etc, for obvious reasons.


    Thanks in advance,
    J.
    Last edited by J2897; 03-31-2008 at 01:57 PM. Reason: Edit the title, adding: (Solved)

  2. #2
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Welcome to the forums!

    Untangle should be able to identify which IPs are going where and it should also show up in the reports. If it's not, then you most likely are plugging the Untangle Server into the WAN port (NAT port) of your router. This would mean that you are double NATing and also, all traffic is going to appear as if it is coming from one address... the router. You should plug Untangle's internal interface into the switch port on the LAN side of the router. Then everything should work as it's supposed to.

  3. #3
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    That's correct... I do have Untangled plugged into the WAN port. I thought that was how the video was describing it.

    I'm not sure if I have a Switch Port on this Router. Do you mean one of the spare Ethernet ports on the Internal network (On the back of the Router)?
    (And do I then plug the Modem into the WAN as normal?)

    Or does this mean I will have to go out and buy a Network Switch?

  4. #4
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    It can plug into the same switch that your other PCs are plugged into.

  5. #5
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    Now I am confused...

    I think my Router has a built-in LAN Switch, which is what the spare Ethernet ports are on the back of the Router.

    As I understand it, you are saying that the 'Untangle Server' connects to my Router just like any other PC. Like this...

    192.168.*.1 = Router
    192.168.*.2 = PC1
    192.168.*.3 = PC2
    192.168.*.4 = PC3
    192.168.*.5 = Untangle Server

    If this is correct, then I'm not sure how the Untangle Server can stop intruders coming in through the Router and directly accessing, say, PC1.

    How does the Router know that it must send all of the traffic to the 'Untangle Server' first to be checked for intruders, for it then to be sent back to the Router to be passed on to the appropriate machine? Or does the 'Untangle Server' some how intercept all of the Internet traffic before the Router has chance to pass it onto the appropriate machine?
    Last edited by J2897; 03-30-2008 at 11:09 AM. Reason: To be clearer

  6. #6
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    The router shouldn't be routing in this case. The clients should point to your Untangle server as their default gateway, not the router. This is the same way your Router worked before you installed Untangle. The router held the External IP address on it's external Interface (WAN port). The only traffic that came in was traffic that you created port forwards for, and all outgoing traffic had to be NATed with the External interface before it could go out to the internet.

    This is the same thing that Untangle is doing, except your Untangle server doesn't have the built-in switch. So, you are just using the switch function on your previous router and letting Untangle do the routing.

    These IP address ranges are set aside for use on private networks.
    10.0.0.0 - 10.255.255.255
    172.16.0.0 - 172.31.255.255
    192.168.0.0 - 192.168.255.255

    No address in those ranges can be directly addressed from the internet. The only way that another device can access one of your LAN PCs is if you forward traffic to it using port forwards.

  7. #7
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    So I have to find a way of Disableing the Routing function of the Router?

    Oh' man.. My head is seriously hurting now!

    Everything seemed so simple at first, now I'm worried about messing everything up. If only there was a "Silver Bullet" lol.

  8. #8
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    Ah', my Router has an option to Disable NAT. Would that do the trick do you think?

  9. #9
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Sounds like it would. Does that make the WAN port part of the switch then?

  10. #10
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,565

    Default

    You don't need to "disable" NAT or routing on your wireless router.

    Assign its LAN IP to be in the same range as the inside of your Untangle box..but not the same IP as your Untangle LAN NIC. If Untangle is 192.168.1.1...give your wireless router some standard access point IP such as 192.168.1.245 or 192.168.1.250.

    Disable DHCP on your wireless router..you want Untangle to be your DHCP box..or if you have a server on your network.use that. You don't want more than 1x DHCP service on your network.

    Plug Untangles LAN NIC into one of the LAN ports of your wireless router..you will not use the internet/WAN port of it. By doing this..now you've sorta converted your wireless router to simply run as a plain access point.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2