Comment, 01-12-2018 06:24 PM - edited 01-12-2018 06:33 PM

@cardins2u Untangle have a home use license for US$50 per year, which I think is quite reasonable for the functionality it provides.

https://www.untangle.com/untangle-ng-firewall/untangle-at-home/

There is also a free version with restricted apps which may do everything you need, so have a look into that. The main reason I paid for the Home Pro license was to get the ability for multiple user profiles, so that I can have different web filter rules for different users.

You can deploy Untangle on your own PC, buy an appliance from them, or deploy it as a virtual appliance on VMware, which is what I did. Deploying on VMware is pretty straightforward, as you can download it as an OVA and import that into VMware, but there are a couple of gotchas.

  1. Obviously you need 2 NICs, 1 configured on each of 2 vSwitches, one as the external network, and the other internal.
  2. Both vSwitches must be configured to Allow promiscuous mode.
  3. If you are using multiple VLANs then the port groups for the internal and external networks need to be configured as VLAN 4095 to allow all VLANs.

This is how my networks are configured:

 

[Screenshot: Screen Shot 2018-01-13 at 3.15.48 PM.jpg]

So the network is connected: ISP Fibre ONT>USG WAN>USG LAN>ESXi Host Ext>vSwitch1>Untangle Ext>Untangle Int>vSwitch0>ESXi Host Int>UniFi Switch

I followed this guide to configure the VLANs, as I have Untangle in transparent bridge mode (you can set it up as a router).

 

https://wiki.untangle.com/index.php/Network_Configuration#Configuring_VLAN_on_Untangle_in_Bridge_Mod...

 

Hope that helps.
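
Items 2 and 3 of the list in the comment above, written as ESXi shell commands. This is an added example, not part of the original comment: the vSwitch names follow the comment, the port group names `Untangle-Ext` and `Untangle-Int` are hypothetical, and setting `ESXCLI="echo esxcli"` prints the commands instead of running them.

```shell
#!/bin/sh
# Added example (not from the original comment). Intended for the ESXi shell.
ESXCLI="${ESXCLI:-esxcli}"         # set to "echo esxcli" for a dry run
EXT_VSWITCH="vSwitch1"             # external vSwitch, as named in the comment
INT_VSWITCH="vSwitch0"             # internal vSwitch, as named in the comment
EXT_PG="${EXT_PG:-Untangle-Ext}"   # hypothetical port group names
INT_PG="${INT_PG:-Untangle-Int}"

# Item 2: allow promiscuous mode on one vSwitch.
allow_promiscuous() {
    $ESXCLI network vswitch standard policy security set \
        --vswitch-name="$1" --allow-promiscuous=true
}

# Item 3: VLAN ID 4095 makes a standard port group pass all VLAN tags
# through to the guest instead of stripping them.
trunk_all_vlans() {
    $ESXCLI network vswitch standard portgroup set \
        --portgroup-name="$1" --vlan-id=4095
}

# Apply both items. $1 is "yes" when multiple VLANs cross the bridge.
configure_bridge() {
    allow_promiscuous "$EXT_VSWITCH" || return 1
    allow_promiscuous "$INT_VSWITCH" || return 1
    if [ "$1" = "yes" ]; then
        trunk_all_vlans "$EXT_PG" || return 1
        trunk_all_vlans "$INT_PG" || return 1
    fi
}

# Read the resulting settings back for review.
show_config() {
    for sw in "$EXT_VSWITCH" "$INT_VSWITCH"; do
        $ESXCLI network vswitch standard policy security get \
            --vswitch-name="$sw" || return 1
    done
    $ESXCLI network vswitch standard portgroup list
}

# Usage on the host: sh thisfile.sh apply yes
if [ "${1:-}" = "apply" ]; then
    configure_bridge "${2:-no}" && show_config
fi
```

A security policy set at vSwitch level applies to every port group on that vSwitch that does not override it, so other VMs attached to `vSwitch0` or `vSwitch1` can also receive all frames; `show_config` lists which port groups share them.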