LINUXMIND.DEV

How to Install the Operating System Untangle NG Firewall (formerly Untangle Gateway)

Introduction

Welcome to the Complete Tutorial on installing Untangle NG Firewall (formerly Untangle Gateway) on a Linux machine. Whether you’re a networking newbie or a seasoned sysadmin, this guide will walk you through every step—guaranteed to be more fun than watching a router blink all day (and probably more productive).

Why Untangle NG Firewall?

  • All-in-One Security: Firewall, VPN, web filter, IDS/IPS, antivirus, and more in one neat package.
  • User-Friendly: Intuitive web interface so you won’t need to sacrifice a goat to configure rules.
  • Modular Extensible: Add or remove apps (modules) at will—like playing with Lego blocks!

Prerequisites

Hardware Requirements

Component Minimum Recommended
CPU 1 GHz (32-bit or 64-bit) 2 GHz multi-core
RAM 2 GB 4 GB
Storage 20 GB HDD/SSD SSD for logs caching
Network Interfaces 2 NICs 4 NICs for DMZ / VLAN

Software Downloads

Step 1: Prepare Installation Media

Using Rufus (Windows)

  1. Insert your USB drive.
  2. Open Rufus select the Untangle ISO under Boot selection.
  3. Partition scheme: MBR (for legacy BIOS) or GPT (for UEFI).
  4. Click Start, confirm the warning, and wait for it to finish.

Using dd (Linux/macOS)

sudo dd if=untangle-ng-firewall.iso of=/dev/sdX bs=4M status=progress  sync

Replace /dev/sdX with your USB device. Be careful—dd doesn’t ask twice!

Step 2: Boot Start Installation

  1. Insert the USB/CD into your target machine and power it on.
  2. Enter BIOS/UEFI (press F2, DEL, or the vendor key).
  3. Set boot priority to the USB/CD.
  4. Save reboot: you should see the Untangle boot menu.

Select Install Untangle NG Firewall and press Enter. The installer splash screen appears—take a deep breath we’re almost there!

Step 3: Graphical Installation Wizard

1. Language License

  • Choose your language.
  • Accept the GPL license (yes, free and open source!).

2. Disk Partitioning

You can use the entire disk (simplest) or specify custom partitions (for the control freaks):

  • / (root): 20–50 GB
  • /var (logs): 10–20 GB
  • swap: equal to RAM size

3. Network Interface Assignment

Assign NICs as follows:

  • WAN—connects to internet modem/router.
  • LAN—connects to your internal switch or directly to PCs.
  • Optional: DMZ—for public servers.

4. Admin Password Timezone

  • Set a strong admin password (write it down somewhere safe!).
  • Select your timezone, or the logs will all be confused.

The progress bar will glide forward. If you see an Error: Unicorn missing!—that’s just my humor breaking, not your install.

Step 4: First Boot Basic Setup

  1. Reboot and remove installation media.
  2. On first boot, the console displays the management IP (e.g., 192.168.2.1).
  3. On a PC in the LAN network, point your browser to
    https://192.168.2.1/
  4. Accept the self-signed certificate warning—this machine isn’t famous yet.
  5. Log in with admin and your chosen password.

Step 5: Activate Configure Modules

In the web interface, navigate to Applications gt App Store. Here you can:

  • Enable core apps (Gateway, Firewall).
  • Install extras like Web Filter, Intrusion Prevention, VPN.
  • Configure each app—ACLs, categories, schedules, etc.
Pro Tip: Configure Web Filter categories in phases. Start with block ads and malware, then expand to social media, streaming, or whatever your users love to procrastinate with.

Step 6: Advanced Network Configuration

VLANs Multiple LANs

  1. Navigate to Config gt Networking.
  2. Select Virtual LANs. Click Add VLAN.
  3. Assign VLAN ID and parent interface set DHCP scope if needed.

Site-to-Site VPN

  • Enable IPsec or OpenVPN in App Store.
  • Create a tunnel profile—peer IP, pre-shared key, encryption.
  • Test connectivity: ping remote LAN IPs.

Step 7: Security Hardening

  • Change default admin username (e.g., nti-admin).
  • Enable 2-Factor Authentication (TOTP) in Admin Settings.
  • Lock down SSH: use public key auth, non-standard port.
  • Regularly update: Config gt System gt Updates.

Step 8: Monitoring Reporting

  • Live Activity: View top users, top domains, top threats.
  • Scheduled Reports: Email PDF/CSV reports to stakeholders.
  • SNMP: Integrate with Zabbix, Nagios, or PRTG for advanced alerts.

Troubleshooting Tips

  • No Internet? Verify WAN IP gateway under Network gt Interfaces.
  • VPN won’t connect? Check clock drift on both ends IPsec hates time travel.
  • Module stuck installing? Restart the ngfw service via SSH:
sudo systemctl restart ngfw

Backup Recovery

  1. Go to Config gt System gt Backup.
  2. Click Create Backup Now download the .tgz file.
  3. Store off-site or in your cloud vault—preferably not on a floppy.
  4. To restore: boot from the ISO, choose Rescue mode, and point to your backup.

Conclusion

Congratulations! You now have a fully functional Untangle NG Firewall protecting your network like a digital medieval fortress. Go forth, monitor logs, tweak rules, and maybe share a victory dance with your router. Remember: with great power comes great responsibility… and possibly a lot fewer malicious packets.

For further reading and advanced topics, visit the official documentation:
https://support.untangle.com/hc/en-us

Official Website of Untangle NG Firewall (formerly Untangle Gateway)

Download TXT




Powered by LinuxMind

Leave a Reply

Your email address will not be published. Required fields are marked *