Routing to an Untangled Server and Back

Hi Community
We need to try and get an untangled server to work within our infrastructure.
Mikrotik is the heart of the network and I would have to route most of the traffic through the untangled server and back in.
Quick diagram of our network
untangled.png
951G 2HnD
3x Wan Connection, ether 1,2, usb
ether,3 local switch
ether3,4,5, wlan in bridge

Data & Phones on the same hardware different network.
All routed to different Wan links.

So the main task is to add the untangled server in the mix for all the data on 10.10.10.0/24
Could not do it inline as quite a few connect to wlan. These units would then be excluded.
My thoughts were to set up routing marks on the data network.
Route all 0.0.0.0/0 data to the gateway of the Untangled’s internal network eth4 on the same network.
Set up routing in untangled as per external connection to the internet via external nic.
Then route the data back from the external nic in the untangled to ether 5 and then out on the wan.

All sounds good in theory but not so easy in practice.
Any advice or guidance from someone who has done something similar?

Thanks in advance

Just curious. Are the 10.1.1.0/24 and 10.10.10.0/24 IP addresses on separate VLANs?

I’m not familiar with using untangle so you’ve been warned :)

That aside, you have 10.10.10.0/24, let’s assume it’s a bridge interface in the MikroTik. You could simply assign an IP to Untangle that is used as the default gateway for the devices on 10.10.10.0/24 network. You could then tell Untangle to route back to the MikroTik by default. You can do this right on the 10.10.10.0/24 network or if you want you can connect it to a different VLAN or physical interface.

So I found the problem. It was on the untangled installation on the first test box.

Worked flawlessly in the lab with a new installation and the following routes.

Added routing mark for all traffic that had to be sent through the untangled server.
Added a route with the default gateway of the internal ip of the untangled server.
External ip of the untangled server in a new ip range with the default gateway ip on the Mikrotik.
Outbound traffic is then routed through the wan interface of choice.

Problem occurred where the first untangled test box did not route correctly between the internal and the external IP in the box.
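
The routes listed in the last post, written out as an added example that is not taken from the thread. It assumes RouterOS v6 syntax; the interface names, the routing-mark name and every address other than 10.10.10.0/24 are assumed placeholders.

```routeros
# Assumed layout (constructed for this example):
#   bridge-data  10.10.10.1/24   data LAN, Untangle internal NIC at 10.10.10.2
#   ether5       192.168.50.1/24 new range, Untangle external NIC at 192.168.50.2
#   Untangle NATs on its external NIC, so replies return through it.

# New IP range between the Untangle external NIC and the MikroTik.
/ip address
add address=192.168.50.1/24 interface=ether5 comment="Untangle external side"

# Mark only traffic that enters from the data LAN. Matching on in-interface
# keeps packets that come back from the Untangle external NIC (on ether5)
# from being marked again and looped to the Untangle box.
/ip firewall mangle
add chain=prerouting in-interface=bridge-data src-address=10.10.10.0/24 \
    dst-address-type=!local action=mark-routing \
    new-routing-mark=via-untangle passthrough=no \
    comment="data LAN -> Untangle"

# Default route for marked traffic: the internal IP of the Untangle server.
/ip route
add dst-address=0.0.0.0/0 gateway=10.10.10.2 routing-mark=via-untangle \
    comment="inspected traffic"

# Traffic arriving on ether5 is unmarked and follows the main table (or any
# existing per-WAN policy) out the WAN interface of choice.

# Checks: the marked route is active and the mangle counter increases.
/ip route print where routing-mark=via-untangle
/ip firewall mangle print stats
```

On the Untangle side, the default gateway of the external NIC is 192.168.50.1 in this layout. If the mangle counter rises but clients have no connectivity, the forwarding between the internal and external NIC on the Untangle box is the next thing to check, which is where the first test box in this thread failed.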