Untangle vLan Setup

JoelM

I still have not set up a vLan. I know it's surprising. o_O:)
I am working on setting up an Untangle unit at my home office where I can connect clients' computers and keep them separate from my work network to protect my systems.
The unit I have has 4 ethernet ports. I want one port for the internet, one port for my network and one or 2 ports for clients' computers. I don't see a need for managed switches unless I MUST use them.
I'm still struggling with how to set this up correctly. Where and how do I set the tagging correctly and make sure it exits correctly?

With the forum search broken I have failed there, and all the tutorials I have found are for switches or Untangle units with only 2 ports.
 
You don't even need vlans....nor managed switches.

You can set up a separate network for each additional ETH port....
For example,
ETH0...is your WAN.
ETH1...is your default internal network, say it's 192.168.10.0/24. Have DHCP on that interface hand out the appropriate range.
Take ETH3...and make it another network, like...192.168.20.0/24....uplink it to a switch. Don't even need a managed switch. Have DHCP on that network hand out the 192.168.20.000 range.
And take ETH4...and make it yet another network, like 192.168.30.0/24. Uplink it to a different switch...doesn't even have to be managed. And have DHCP on that network hand out 192.168.30.xxx range.


Now...Untangle is monolithic...it's aware of all traffic, and by default any internal traffic is allowed to pass to other internal traffic. So create a Firewall rule to halt everything between all LANs. Add condition, if source interface is (check all internal interfaces...or...select "any non-wan")...and add condition...if destination interface is "any non-WAN"...action...Block.
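
The isolation rule described in the post above, modelled as an added example (not part of the original post and not Untangle's own code or rule format): it evaluates a first-match rule list over the post's interfaces and subnets and produces the LAN-to-LAN matrix you would then confirm with real connection tests. The sample host addresses, the `203.0.113.10` internet address and all function names are constructed for illustration.

```python
import ipaddress
from itertools import permutations

# Interfaces and subnets as laid out in the post above. Treating every address
# outside these subnets as reachable via the WAN is an assumption of this model.
INTERNAL = {
    "ETH1": ipaddress.ip_network("192.168.10.0/24"),
    "ETH3": ipaddress.ip_network("192.168.20.0/24"),
    "ETH4": ipaddress.ip_network("192.168.30.0/24"),
}
WAN = "ETH0"

def interface_for(ip):
    """Return the interface whose subnet contains ip, else the WAN."""
    addr = ipaddress.ip_address(ip)
    for name, net in INTERNAL.items():
        if addr in net:
            return name
    return WAN

def is_non_wan(iface):
    return iface != WAN

# First-match rule list; each rule is (source test, destination test, action).
# This single rule is the "any non-WAN to any non-WAN: Block" rule from the post.
ISOLATE_LANS = [(is_non_wan, is_non_wan, "block")]

def decide(src_ip, dst_ip, rules, default="pass"):
    """Decide a routed flow: first matching rule wins, else the default."""
    src_if, dst_if = interface_for(src_ip), interface_for(dst_ip)
    if src_if == dst_if:
        return "local"  # same subnet: switched, never reaches the rule set
    for src_ok, dst_ok, action in rules:
        if src_ok(src_if) and dst_ok(dst_if):
            return action
    return default

def isolation_matrix(rules):
    """Expected verdict from one sample host on each LAN to every other LAN."""
    hosts = {n: str(net.network_address + 50) for n, net in INTERNAL.items()}
    return {(a, b): decide(hosts[a], hosts[b], rules)
            for a, b in permutations(hosts, 2)}

if __name__ == "__main__":
    for (a, b), verdict in isolation_matrix(ISOLATE_LANS).items():
        print(f"{a} -> {b}: {verdict}")
    # Constructed internet address (documentation range): should still pass.
    print("ETH3 -> WAN:", decide("192.168.20.50", "203.0.113.10", ISOLATE_LANS))
```

Every pair the matrix marks `block` is a connection attempt that should fail from a test machine on the client network, while the WAN line should still succeed.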
 
Thanks for your suggestion. This makes sense. Is there a tutorial on Untangle to show how to do this correctly? It sounds exactly like what I want.
 
Yeah their FAQ section had a few guides on it....
I found the ones using another approach, "filter rules"...the GUI you see is the same as you'll find in Firewall rules and you'll do the same thing.

I've used both approaches...doing it via the packet filters section, and doing it via the Firewall module's rules section. The box at our office, running on one of Sky-Knight's NexGen appliances...an NG-100, is using the firewall rules, and we're using 5 or 6 interfaces. Yet at some other clients, I've used the packet filters section to accomplish the same thing. The steps you do are the same in either. IMO, the end result is the same. @Sky-Knight ...being a super Untangle guru, might have another opinion on which he prefers.
 
Thanks so much for the help.
 