Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfSense and Untangle on same Host

    Virtualization
    2
    2
    4590
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scottnguyen last edited by

      (Oh, here's the correct forum…ignore other)

      I've thought about this, but not really put it in practice yet and really need clarification.  I already have pfSense and would like to use Untangle with it in a virtualization scenario - using Xen or Hyper-V or other.  For example, at the border, I wish to have pfSense in front / behind the ISP router, and behind the pfSense I would have Untangle.

      My question is, if pfSense and Untangle is at the border as guest machines on same VM Host machine, how will traffic go from pfSense to Untangle directly?  I can see traffic sometimes going through Untangle and sometimes not.  Say pfSense 192.168.1.1 and Untangle 192.168.1.2...I guess I am a bit missing on how traffic will be forced to go through pfSense THEN to Untangle before it goes through the rest of my 192.168.1.x subnet.   Just because pfSense is 192.168.1.1 does not mean it will flow through 192.168.1.2 next....Can someone clarify please?

      UPDATE:  I think I got it…http://community.spiceworks.com/topic/14962-untangle-hardware - Bridge / Host / Bridge on VM Nics
      If anyone can further improve on this, please let me know.  Internet–(bridge VMnic)pfSense(host VMnic)--(host VMnic)Untangle(bridgeVMnic)--LAN

      Taken from sample…

      1 - VM bridged NIC 1: Internet --> PFsense WAN
      2 - Host Only: PFSense LAN & UT outside
      3 - VM Bridge NIC 2: UT inside --> LAN switch

      1 Reply Last reply Reply Quote 0
      • C
        Cino last edited by

        Setup untangle in transparent mode when your doing the install.
        Example of the switch setup:

        vswitch0 - WAN
        WAN <-> pfSense WAN

        vswitch1 - Internal Router
        pfSense LAN <-> untangle WAN (In transpartent mode, you give it a static IP for your LAN)

        vswitch2 - LAN
        untangle internal (LAN)  (No IP since its bridge to the WAN interface)

        Accept promiscuous mode needs to be allowed on the interfaces with untangle. I believe both need it but its been away.

        I've tried this setup on EXSi and it was really slow when untangle was put into the mix but i was running this on an Atom d510.. Been meaning to try this on a XenServer to see if it improves..

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy