Questions[untangle](server)

I've got a simple set up here:

        Client C                (Internet)
        10.10.10.5 (Static)         |
        255.255.255.0               |
                  \                 |
                   \             X.X.X.X
Server 2008         \          Untangle Router              Client A (Win 7)
10.10.10.10 (Static)-----10.10.10.2      10.10.11.2---------10.10.11.X (DHCP)
255.255.255.0       /    255.255.255.0   255.255.255.0
                   /
                  /
        Client B (Win 7)
        10.10.10.X (DHCP)
        255.255.255.0

Client A can ping Client B. File share also works. Client B can ping Client A. File share also works. Server can ping Client A. File share also works. Server can ping Client B. File share also works. Client B can ping Server. File share also works. Client A CANNOT ping Server. File share does not work.

I've disabled the firewall on Server. Why does the server reject traffic outside its subnet (Client A) but Client B accepts it?

Edit: Here's proof that the packets are leaving the 10.10.10.2 interface of the UT.

Mon Jan 30 2012 23:54:35 GMT-0500 (Eastern Standard Time)
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
23:54:39.197107 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 223, length 40
23:54:43.952136 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 224, length 40
23:54:48.844599 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 225, length 40
23:54:53.885277 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 226, length 40
23:54:58.902342 IP 10.10.11.50 > 10.10.10.10: ICMP echo request, id 1, seq 227, length 40

5 packets captured
5 packets received by filter
0 packets dropped by kernel
Mon Jan 30 23:55:03 EST 2012 - Test Complete!

Edit #2: I've added Client C, which is also a static IP. I can ping it successfully as well. This is just to verify that the Untangle wasn't doing anything hokey with computers it had not assigned the IP to.

Edit #3: Pings get replied to, until just before the server is all the way booted up. Then the suddenly stop going through...

I want to put a pfSense router in front of my Untangle UTM. There is only one thing I am not too sure about.

If the Untangle box will sit behind another router and run OpenVPN, all I need to do to route traffic to the Untangle through the pfSense is add a static route on the pfSense box and open the port used by OpenVPN right?

Right now the Untangle box is the router.

Youtube is a good tool for finding tutorial videos but it's bad for my network. But the staff sometimes need to watch some tutorial videos on Youtube to help them do their work. How do I unblock certain parts of Youtube so the staff can browse them?

I don't think unblocking certain channel or youtube users would work, it might increase calls to helpdesk. Or maybe Youtube has some magical way of filtering the good videos from the useless?

Note: I'm currently using Untangle webfilter at work.

So Untangle is setup as the default gateway at 192.168.100.1/24, it is the authorative DHCP server issuing addresses from 192.168.100.100 to 192.168.100.200 and is successfully connected to the Internet. Untangle uses OpenVPN for remote access. Accessing the VPN gives me the address 192.168.40.5.

However, I cannot ping any machines on the internal 192.168.100.x network remotely. Clearly, there is something basic that I am missing. What is it and how is it solved?

Update:

The VPN was not setup with the internal network. Since Untangle only allows editing the VPN setup once, the VPN had to be removed and reinstalled with the internal network exported. Now it works.

The lesson is that the internal network must be setup before configuring the VPN.

First of all, let me give you the specifics of our setup:

• Windows Small Business Server 2008 Domain w/ all applicable updates on the DC
  • The DC does DHCP for the main site
  • The DC does DNS for all sites
• 3 sites including our headquarters where the DC is located
  • All sites are connected through OpenVPN SSL tunnels terminated by an Untangle box at each site
  • The 2 remote sites us the Untangle box as a DHCP server for their subnet, which assigns the DC as the primary DNS server
• Collection of Windows XP and Windows 7 workstations connected to the domain

Here's the issue:

All of the workstations at the main site register with the DNS server on the domain controller fine. As they grab an IP from the DHCP server, it updates the DNS server with the new host record. I have 2 systems (each at different remote sites) that fail to register with the DNS server. I've attempted the following troubleshooting steps:

• Confirmed the network adapter is using the DC as a DNS server
• Confirmed 2-way traffic is possible between DC and workstation
• Verified the "Register with DNS server" setting was checked in the adapter properties
• Attempted ipconfig /registerdns and received no errors

For the time being, I have setup a DHCP reservation for these systems and manually created a host record. This seems to work fine, but I need a solution for any new systems that go out there.