Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense and Untangle on same Host

    Scheduled Pinned Locked Moved Virtualization
    2 Posts 2 Posters 5.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottnguyen
      last edited by

      (Oh, here's the correct forum…ignore other)

      I've thought about this, but not really put it in practice yet and really need clarification.  I already have pfSense and would like to use Untangle with it in a virtualization scenario - using Xen or Hyper-V or other.  For example, at the border, I wish to have pfSense in front / behind the ISP router, and behind the pfSense I would have Untangle.

      My question is, if pfSense and Untangle is at the border as guest machines on same VM Host machine, how will traffic go from pfSense to Untangle directly?  I can see traffic sometimes going through Untangle and sometimes not.  Say pfSense 192.168.1.1 and Untangle 192.168.1.2...I guess I am a bit missing on how traffic will be forced to go through pfSense THEN to Untangle before it goes through the rest of my 192.168.1.x subnet.   Just because pfSense is 192.168.1.1 does not mean it will flow through 192.168.1.2 next....Can someone clarify please?

      UPDATE:  I think I got it…http://community.spiceworks.com/topic/14962-untangle-hardware - Bridge / Host / Bridge on VM Nics
      If anyone can further improve on this, please let me know.  Internet–(bridge VMnic)pfSense(host VMnic)--(host VMnic)Untangle(bridgeVMnic)--LAN

      Taken from sample…

      1 - VM bridged NIC 1: Internet --> PFsense WAN
      2 - Host Only: PFSense LAN & UT outside
      3 - VM Bridge NIC 2: UT inside --> LAN switch

      1 Reply Last reply Reply Quote 0
      • C
        Cino
        last edited by

        Setup untangle in transparent mode when your doing the install.
        Example of the switch setup:

        vswitch0 - WAN
        WAN <-> pfSense WAN

        vswitch1 - Internal Router
        pfSense LAN <-> untangle WAN (In transpartent mode, you give it a static IP for your LAN)

        vswitch2 - LAN
        untangle internal (LAN)  (No IP since its bridge to the WAN interface)

        Accept promiscuous mode needs to be allowed on the interfaces with untangle. I believe both need it but its been away.

        I've tried this setup on EXSi and it was really slow when untangle was put into the mix but i was running this on an Atom d510.. Been meaning to try this on a XenServer to see if it improves..

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.