Monday, February 23, 2009

Firewall Success

Hallelujah! I finally have a fully functional open source firewall that is now installed at the school. It took a few months but we have done it!

Those of you who have read this blog (sparse though it may be) have read my trials and tribulations with IPCop. For a novice such as me, I found it a bit cumbersome and difficult to troubleshoot. Remember, my MAIN job is being my school's Computer Teacher. This IT stuff is an undesirable necessity. Don't get me wrong, I love training teachers in the use of technology, but when it comes to dealing with servers, I lack enough knowledge to really be comfortable with these duties.

I had installed IPCop over the Christmas break because we could no longer afford the ongoing subscription costs to filter our web content. It worked well, though it was still a bit confusing for me. With IPCop, however, we were experiencing regular browser messages stating that Internet Explorer could not load the page. The choice of browser didn't make a difference, nor did upgrading switches. In addition, all the information I collected about IPCop indicated that, while I was using an older machine (760 MHz), my hardware was still plenty capable of handling its tasks on a 50-user network. I even tried shutting off intrusion detection and caching, but the problem continued.

Enter, Untangle! Untangle is extremely easy to use. While the base package is free to download and install, Untangle offers some educational modules we plan to explore in the near future. For now, I installed the base software "bare back" on a server and 4 modules to define the roles of the server. These modules are easily downloaded and installed from within the Firefox browser supplied with the software. (Nice touch!) Once installed, they appear in your virtual "rack" and can be customized by entering the Settings for that module. I set up the Web Filter, Protocol Control, Firewall and Attack Blocker modules and was easily able to enter settings according to our needs.

I did have one small glitch, however. The Untangle server is connected to a gigabit switch and other workstations could not PING the Untangle server initially. After some tinkering (and sweating), I was able to accomplish a connection by setting both NICs (inside and outside) to a speed of "10/100" instead of "Auto". Once that setting was changed, everything worked flawlessly.

I don't think IPCop failed me, however. First, the IPCop box was connected initially to a 10/100 switch before I swapped it out for a gigabit switch, thinking my issue was with network traffic limitations. This proved not to be the case. Also, I decided to use a completely different repurposed computer which had more RAM and processing power, though I doubt the IPCop box was hindered in any way running on the slower hardware. The best I can come up with is a NIC driver issue or a bad Ethernet cable. Nevertheless, the system is working beautifully now and I am not going to question it. It's done and I don't have to worry about it anymore.

Now, back to teaching!
