I use 192.168.27.0/24 as my normal LAN network. How can I configure a second network 169.254.2.0/30 on the LAN/green ethernet device in ipfire and setup a route, so that all my devices in 192.168.27.x can access a device with IP 169.254.2.1 ?
I use a “Speedport Smart 3” in modem mode to connect to my VDSL provider (Telekom). The Speedport in modem mode configures LAN port 4 for WAN PPPOE dial-in and LAN port 1 with IP 169.254.2.1 to provide a website with modem information (sync bandwidth, …). I want to access this website (169.254.2.1) from my devices in 192.168.27.x .
LAN1 is directly connected to the switch of the green network. The traffic should be routed directly by the switch without going through the routing table of IPFire. However, if I am wrong and you cannot ping 192.254.2.1 because it always goes to 192.168.27.1 first, you can try to add a static route to IPFire by going to the web user interface of IPFire and choosing /Network/Static Routes. Put 192.254.2.1 as host IP and 192.168.27.1 as a gateway.
of course, @xperimental solution would be my preference, if the modem allows you to do that.
definitely I would not do it. This is what @lexaiden wants to do and as usual there is a tradeoff between convenience and security. For me, security is absolutely N1.
I am new to ipfire and have used fli4l before. With fli4l I had the same wiring running, by adding an additional network (169.254.2.2) to the LAN ethernet device and adding a route.
@xperimental
Unfortunately I cannot change the IP address of the Speedport Smart 3 in modem mode, it is hard coded.
So… there is really no way to configure an additional IP range (169.254.2.x) on the LAN ethernet device?
As far as I know: No. But you don’t need to. You can give any client in green a second static IP within 169.254.2.0/24 and it can access your Modem webinterface.
That’s right, that’s what I’m currently doing. But I don’t want to enter this manually on each of my clients. But it’s not like I check the modem every 5 minutes… in that case, it only works on the clients that I have configured for it.
I would stay with the fli4l, but my new hardware (DELL WYSE 5070) support UEFI only and unfortunately the fli4l does not support UEFI. I don’t want to send the hardware back, so I looked around for an alternative router software.
@xperimental
If it doesn’t work out-of-the-box, then I’ll live with the static IP on the clients where I need the access to the modem. I will not add another network card for the feature.
@all
Thanks for the responses/help. Unfortunately my feature is not possible, otherwise I would mark someone as a solution.
The rules individually do not work either. I also tried to add the address manually.
ip addr add 169.254.2.2/24 dev green0
Then I can ping the modem from ipfire, but not from the 192.168.27.x client, it is not routed. I think the firewall blocks the packages? But it’s probably a stupid idea to configure iptables/ip on the command line? What the standard configuration dialogs of ipfire do not support should probably be omitted?
