Skip to main content
Arista

Untangle Firewall: Download, Install & Configure for Your Homelab

Mustafa · · 3 min read

What Is Untangle NG Firewall?

Untangle NG Firewall (now part of Arista Edge Threat Management) is a Linux-based network security platform that combines firewall, intrusion prevention, web filtering, VPN, and reporting into a single appliance. It’s popular in homelabs because the free tier is surprisingly capable and the web-based UI makes complex network policies accessible without deep CLI knowledge.

System Requirements

  • CPU: x86-64, dual-core minimum (quad-core recommended for 100+ Mbps throughput with all apps enabled).
  • RAM: 4 GB minimum, 8 GB recommended.
  • Storage: 80 GB disk (SSD preferred for reporting database performance).
  • NICs: At least two Ethernet interfaces—one for WAN, one for LAN. Intel NICs are best supported.

You can install Untangle on a spare mini-PC, an old laptop with a USB Ethernet adapter, or a virtual machine in Proxmox, ESXi, or Hyper-V.

Step 1 – Download the ISO

Visit the official Untangle download page and grab the latest ISO image. The download is around 1 GB. If you plan to run it as a VM, you can also find pre-built OVA images for VMware.

Step 2 – Create a Bootable USB or Mount the ISO

Physical Hardware

Use Rufus (Windows) or dd (Linux/macOS) to write the ISO to a USB flash drive:

sudo dd if=untangle.iso of=/dev/sdX bs=4M status=progress

Boot the target machine from the USB drive.

Virtual Machine

Attach the ISO as a virtual CD/DVD drive and allocate at least two virtual NICs—one bridged to your WAN and one to your LAN segment.

Step 3 – Install the Operating System

The installer is Debian-based and mostly automated:

  1. Select your language and keyboard layout.
  2. Choose the target disk (the entire disk will be formatted).
  3. Wait for the installation to complete and reboot.

The whole process takes about five to ten minutes on modern hardware.

Step 4 – Run the Setup Wizard

After the first boot, open a browser on a machine connected to the LAN interface and navigate to http://192.168.2.1 (the default LAN IP). The setup wizard will guide you through:

  1. Admin account – Set a strong password and an email for alerts.
  2. WAN configuration – DHCP, static IP, or PPPoE depending on your ISP.
  3. LAN configuration – Set the internal subnet and DHCP range.
  4. Time zone and updates – Enable automatic signature updates.

Step 5 – Install Recommended Apps

Untangle’s modular design lets you enable only the features you need. The following free apps are a solid starting point for a homelab:

  • Firewall – Stateful packet filtering with easy rule creation.
  • Intrusion Prevention – Snort-based IDS/IPS with community rules.
  • Web Filter – Category-based URL blocking (great for parental controls).
  • Phish Blocker – Scans email traffic for phishing links.
  • Ad Blocker – Network-wide ad blocking without browser extensions.
  • OpenVPN – Site-to-site and remote-access VPN built in.
  • Reports – Detailed dashboards for bandwidth, sessions, and threat events.

Paid apps like WAN Balancer, WAN Failover, and Bandwidth Control are available with a subscription but aren’t necessary for most homelab use cases.

Performance Tips

Bypass Rules

If you stream a lot of video or run game servers, create bypass rules for high-throughput traffic so it skips deep packet inspection. This dramatically reduces CPU load.

Disable Unused Apps

Every enabled app adds processing overhead. If you’re not using Spam Blocker or Virus Blocker, turn them off to free up resources.

Use an SSD

The reporting database writes frequently. An SSD makes the dashboard snappier and prevents I/O bottlenecks during peak traffic.

Running Untangle as a VM

Untangle works well as a virtual machine, but be aware of a few gotchas:

  • Use virtio NICs (Proxmox/KVM) or VMXNET3 (ESXi) for best throughput.
  • Allocate dedicated CPU cores rather than sharing—firewall latency matters.
  • Take a VM snapshot before applying Untangle updates in case you need to roll back.

Conclusion

Untangle NG Firewall is one of the most user-friendly network security platforms you can self-host. Its web UI, modular app system, and solid free tier make it an excellent choice for homelabs of any size. Download the ISO, dedicate a small machine or VM, and you’ll have enterprise-grade network security running in under 20 minutes.

Recommended Hardware & Hosting

Build your homelab with hardware tested and used by our team.

Beelink SER5 Mini PC (Ryzen 5)Compact Proxmox host. Run Docker, VMs, and lightweight AI workloads with 16GB RAM.
~AED 900
Crucial Pro 32GB DDR5 560032GB (2x16) DDR5 kit — the minimum for running LLMs and heavy Docker workloads locally.
~AED 500
NVIDIA RTX 4070 Super12GB VRAM with higher compute. Excellent for Stable Diffusion XL, video AI, and LLM inference.
~AED 2,700

Affiliate links — we may earn a small commission at no extra cost to you.

Share this article