Hi
I ran some tests to swap between static and dynamic ip on the laptop to show the result of >route print
I was able to connect with the Internet from the laptop on static and dynamic ip. The route command output looked OK both ways.
I have no explanation for this. Over the years I have changed ip settings more times than I could count. I did exactly the same today as I have done before. No other changes have been made. So I am making progress, but in this case, I don’t know why.
I am going to do some more testing tonight. If all goes well, I will connect the Wifi AP to the Blue network. This should be easy. The AP as been working for years with it’s current settings. I should be able to just plug it in.
Hi
I now have repeatable and stable Green to Red internet connection.
This morning I tried getting the wifi working. That was a fail. I can get wifi connection to my phone and other devices, but I can’t get through to the internet.
I am using a Cisco AP541N access point, which is positively antique, but entirely adequate for my application. I can see associated devices listed as connected to the AP251 but without IP addresses.
The AP251 is allocated a static ip of xxx.yyy.22.255
I think this might be a problem with DHCP setup between the AP541 and the ipFirewall. Out of scope for this forum. I will try enabling DHCP on ipFirewall to see if the connected devices get allocated ip addresses.
It is so long since I had to setup the AP, that I have forgotten how I did it last time. The AP251N looks like it has DHCP available on the LAN network, but not Wifi. I am confident that this problem is something wrong with setup. I need to do some more experimentation to figure out what I have done wrong.
One thing I have noticed is that the Dashboard connection status is usually wrong. It doesn’t update when I think it should. For example, I rebooted the ipFirewall, and the status did not change. This looks like a bug to me.
Hi
That looks like it could solve my problem. Thank you.
I am not convinced that a Wifi MAC address white list is an effective security measure.
It would stop the casual wanabe hacker, but anyone with below average skills could spoof the mac.
Also, for a long time, vendors have randomized mac addresses for all wifi connections.
It is there in the menu and has been for a very long time. You can use it and as you said it will stop casual people trying to access.
You can also disable the mac address filtering as lower down in the wiki page.
Your stronger defence is to have WPA2 very strong passwords set in your wifi but having the mac address filtering as well doesn’t reduce the security.
Hi
OK I have reached a point of success.
I am submitting this via ipFire.
Wifi is operating.
There are a couple other things I need to setup (ssh, vpn) but I am not expecting any issues with those. If I do have problems, they are not time critical. Not like telling my better half she can’t watch her favourite soap.
Thanks for your patience and all your help. It took me a while, but I got there in the end with your help.