I spent a couple of hours trying to implement Untangle on a VM but was unable to get it to work.
My Setup
Cisco ASA5510
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.201.1 255.255.255.248
route inside 10.0.0.0 255.255.255.0 192.168.201.2 1
to
Cisco 3560G core switch
interface GigabitEthernet0/1
 description ASA5510MDF Inside
 no switchport
 ip address 192.168.201.2 255.255.255.248
As mentioned, Untangle is on a VM running in ESXi 5.1, set up according to the guide:
Two physical NICs
One vNIC, on its own vSwitch, assigned to one physical NIC for Int
One vNIC, on its own vSwitch, assigned to one physical NIC for Ext
Both vSwitches operating in promiscuous mode
I set up Untangle's network as follows:
192.168.201.3 255.255.255.248 as static on the Ext interface
192.168.201.1 as gateway
Int interface set to bridge to external
I plugged Int into the 3560's port mentioned above, and Ext into the ASA5510's port mentioned above. Activity showed on the main rack in Untangle's interface (inbound and outbound) and sessions showed up, but there was no internet connectivity from Untangle or any clients. I could ping my core switch from my router and vice versa. I tried many things trying to get everything to work, including resets, swapping interfaces just to be sure, changing static routes, etc. No luck!
Any ideas?
A couple of things I've thought of after the fact so far:
- Might have to get rid of the "no switchport" setting on the core switch on that port and set it as an access port
- Play with static routes again to make sure I didn't screw something up there (should I even have to do this if this is a true bridge mode?)
I'd rather have an accepted solution than waste time shooting in the dark for the next time I try to implement this. Bridge mode sounded good and simple.