EFW Support

Hello,

I recently acquired an endian firewall appliance (UTM Mini WiFi) for a company I was consulting for. It was my first time using endian, so it was a learning process and I wanted to share a personal experience that wasted about 2 days of work trying to figure out what was going on.

Put simply, I did the basic setup, checked that I had internet access on GREEN from RED, and then I went on with the configuration of the appliance, only to realize several hours later that I no longer had internet on GREEN.
I went through the process of disabling the firewall and trying to install various routing ways without any success; finally I contacted Endian support as I had a maintenance subscription. They advised me to factory reset the unit. I did just that and finally got internet back working on the unit.

So I started doing the configuration again this time running a ping to google.com on a terminal from a client on GREEN. I turned out that the connection would drop every time I would turn on the VPN server.

The solution was to add a firewall rule to the Firewall/VPN Firewall allowing all traffic from the GREEN + OPENVPN zone to RED and apply the settings.

At that point the internet came back on GREEN and haven't had a problem since.

I've searched for quite a while, both on google and on these forums, but couldn't find any answer giving such a solution.
I hope this helps and can save somebody else some heavy troubleshooting and save some time trying to figure out that enabling the VPN comes with a DENY of all traffic from GREEN to RED and needs to have a new rule from the VPN zone to the Internet zone.

Good luck!

Thanks for your input.

Can you please give your feedback in a month or after 15 to 20 days that how is the performance of the device and the browsing speed. I am using a community edition of Endian firewall 2.5.1 and it needs severe maintenance steps every now and then. Browsing speed goes slow after 10 to 15 days and I have to restart the Dansguardian services along with HAVP. Also, I have to clear all cache data of squid and then restart squid processes.

I was about to make a recommendation for a hardware based appliance as you have implemented. But I now wonder will we be having same issues as we are facing with community edition.

May I request you if you can provide your feedback at your ease.

Thanks

I will keep the post updated on the progress and check to see if everything is working as it should a  of weeks from now with the current user base and internet load.
I am hoping it will, as it is a $1600 appliance and I am going to have an earful if it does not perform as it should. 

Much appreciated. I wil follow up.