Results 1 to 6 of 6
  1. #1
    Untangler
    Join Date
    Nov 2016
    Location
    Phoenix, AZ
    Posts
    57

    Default UT secure cert overriding mail server cert

    Hi,

    I switched UT from bridge to router mode early this morning and am ironing out some details.

    I have a secure cert for UT (filter.webworldinc.com) as well as our mail server behind it (mail.webworldinc.com). Some clients who have been successful getting to the mail server before today are having problems.

    Their brows is throwing a cert mismatch error as it is seeing filter.webworldinc.com as a cert rather than mail.webworldinc.com.

    I have Port forwarding rules in place for the mail server on the usual ports (including 80 & 443). I also have bypass rules in place for the public destination address of the mail server and ports 80 & 443. Finally I have NAT rules to map the internal IP of the mail server back to the public IP address.

    Any suggestions on what is happening?

    Thanks!

    --Ben

  2. #2
    Untangler
    Join Date
    Nov 2016
    Location
    Phoenix, AZ
    Posts
    57

    Default

    Well I hate when this happens. Client ran some errands and when he came back the problem went away. Not sure how that happened, but hopefully it stays gone.

    --Ben

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,935

    Default

    Make sure you've moved Untangle's HTTPs port off 443, if you don't you can't forward the traffic.

    *Edit* didn't notice what forum this was again... note JCoffin's question below. If SDWAN ignore me!
    Last edited by sky-knight; 03-07-2021 at 08:01 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,574

    Default

    Are you sure you are using SDWAN (This forum title) or NGFW from Untangle?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangler
    Join Date
    Nov 2016
    Location
    Phoenix, AZ
    Posts
    57

    Default

    Yes, been using NGFW for about 4+ years now. Got it sorted out via tech support though, along with some other issues. Thanks!

    --Ben

  6. #6
    Untangler
    Join Date
    Jul 2008
    Posts
    68

    Default

    just to chime in on this, while I have experienced this, it was a different way. If you have a full tunnel enabled for an OpenVPN connection you are connecting to, I have the same certificate issue described above, only while connected to the OpenVPN connection though. I have had no issues as long as Full tunnel is not enabled. This is in regards to port forwarded services that you are accessing through the VPN connection instead of the WAN... I did not notice this in past releases of Untangle, only within the past 1-2 years.

    While it is the same error, I thought since I had experienced something similar, I would post it here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2