From UntangleWiki

All Untangle FAQs

How do I determine the devices that are attached to my network?

Assuming the Untangle Server is your router, you can locate the list of devices as shown in Assigning Network Computers Static IP Addresses.

If I am running NAT, how can I provide access to a web server connected to the internal network?

1. If the web server is using DHCP, it should be assigned a static address. Go to Assigning Network Computers Static IP Addresses.
2. Map the web server to that IP address as discussed in Mapping Computer Hostnames To IP Addresses.
3. Create a port forward rule for all incoming traffic on port 80 to your web server as discussed in Redirecting External and Internal Traffic.

I have multiple subnets and after installing Untangle as a bridge only my main subnet can connect to the internet. Why?

Untangle needs to know about the other subnets in order to correctly route traffic to them. This can be done in several ways.

1. Give Untangle an alias on each subnet. This can be done in config->networking. This tells untangle that this subnet is local and should be routed accordingly.
2. Alternatively, If your subnets are all similar (ie 192.168.1.x vs 192.168.2.x) make sure Untangle has a netmask that includes them all (255.255.0.0 vs 255.255.255.0)
3. If your other subnets are behind another internal router also add routes to tell Untangle how to route to these subnets in config->networking->advanced->routing.

Is it possible to use DHCP without enabling NAT?

Yes, DHCP can be enabled if NAT is disabled. The DHCP start and end address range must fall into the network that you specify in the Network Configuration page. See DHCP Server.

Is it possible to serve DHCP on multiple interfaces?

Yes, if you are already serving DHCP on one interface you can configure additional interfaces in config->networking->advanced->DHCP & DNS. More information can be found here,

Does Untangle support dual WAN or WAN failover?

Yes! Look HERE for information on Multi-WAN, HERE for Load Balancing, and HERE for failover.

Does Untangle Server use bandwidth throttling?

No. The Untangle Server uses Protocol Control and Web Filter to solve the problem of network congestion resulting from a few users consuming more resources. For more information, go to About Limiting Network Congestion. Also, QoS offers bandwidth management at the IP level.

My network is extremely slow and some pages won't load. Why?

Some internet connections have a sub-1500 MTU but don't support automatic MTU path discovery. It is worth a try to manually change MTU on the config->interfaces->edit page to something lower, 1492 or even 1450, to see if it has any effect. You must be in advanced mode to change this setting. This is more common with PPPoE connections. It is suggested that if this does not solve the issue you return MTU to the default setting.

Can I use OpenDNS with Untangle?

Sure. Simply change your external interface's settings to use OpenDNS's servers as a DNS server.

My port forward isn't working. Why?

Follow the Port Forward Troubleshooting Guide to see if you can discover the issue.

I setup a port forward for HTTPS (port 443) and it is not working. Why?

Untangle and many of the applications use port 443. In order to forward port 443 you need to move Untangle off of port 443 to a different port. This can be done in config->administration under "External Administration." Also confirm that your web filter doesn't have "Categorize HTTPS traffic by IP address" enabled. This will cause connection refusal/time out errors.

I setup a port forward to my FTP server and it is working but transfers fail. Why?

FTP has multiple connections. If you setup a port forward for the control session (port 21) then you must also setup a port forward for the transfer sessions. You can do this in multiple ways.

1. Configure your server to use a range of ports for a transfer (10000-20000) and configure Untangle to forward all of these ports to the FTP server.
2. Use 1:1 NAT

Does Untangle support 1:1 (One to One) NAT?

Yes, Read more about how to setup 1:1 NAT.

What is "Destined Local?"

Destined Local is a flag for port forward rules. It matches on traffic destined to the local untangle machine and one of its IPs. This flag is usually used when you want to redirect a port on the Untangle Server (and all of its IPs) to another server.

In Bypass Rules, what's the difference between "bypass" and "on" checkboxes? Don't they do the same thing?

"On" indicates the rule is enabled, if it is not enabled, the rule doesn't do anything. "Bypass" indicates the action if the rule matches. If the rule matches and bypass is checked the traffic will bypass Untangle. If it is not checked the traffic will go through Untangle.

One use case is to use bypass rules to send only selected traffic to Untangle. To do this create a single rule that bypasses all traffic. Then place rules above that rule with "on" checked and "bypass" unchecked. Traffic that matched these rules will be sent to Untangle. This would bypass all traffic EXCEPT what matched the specific rules.

Keep in mind, Untangle filters only TCP and UDP traffic. So a bypass rule for traffic other than TCP or UDP has no effect.