I’m running IPFire (core 153) on a APU Board with 3 nics. IPFire is set up as “Green + Red + Orange”.
Now I’d like to connect wlan APs, running OpenWRT which is able for multiple VLANs, to my green network providing 2 SSIDs, one for guest access. To have the guest access separated my idea was to use the blue zone configured as VLAN via the green network.
I’ve thought it would be possible just to change the network type to “Green + Red + Orange + Blue” and set the blue zone as VLAN to the nic assigned to the green network via the WUI. But the blue zone doesn’t show up in the WUI to configure it as VLAN?
Any ideas how to set this up via the WUI, or do I have to configure this via the config files?
Yes, from that forum post it does suggest that you can set up a zone without a nic assigned.
I just tried following the steps in that forum post with one of my testbed vm IPFire’s and I selected ignore for the orange so leaving it unset without a nic assigned. When I went to the Zone Configuration page in the WUI the orange zone was not present. That seems to also have been the result for the person in that post.
So what is described in that post doesn’t work.
That link was removed in October 2019.
The post where @hvacguy provided the info on multiple vlans per zone is
I came across the video with Timo Eissler that helped me a lot to get an idea how to configure the VLANs. Till then I’ve thought it would be possible to configure VLANs via the WUI, but it isn’t.
I followed the instructions from there, did some crossreading through other threads and what should I say, i configured my first vlan on my IPFire using the zone BLUE
Everything on my testing system running as a VM of course
So far thanks a lot for your support!
Ok, next step. How to configure a 2nd VLAN servicing the seperated WLAN for guests.
Thanks for the link of the post of @hvacguy .
At a first glance it seems he configured an additonal zone. Would it be possible to configure VLANSs like blue0.1, blue0.2, …?
I’ve found this thread with the same question, but I’ haven’t figured out the solution yet. https://forum.ipfire.org/viewtopic.php?f=6&t=22931
Well done on your progress with the vlan. Always wise to do any major changes in the config files with a VM clone. That way you can always go back to your starting point without a full re-install.
Yes they are additional zones but linked to the same parent zone and hence NIC. Therefore they are additional VLAN’s on the original parent zone. They can be called what you want as mentioned in @hvacguy thread. Parent is green and the additional zones can be called green1 green2 green3 etc or brown, purple, khaki, or any names.
At least the above is my understanding but I have never done this myself. I only needed single vlan id’s on each of my IPFire interfaces as I have 4 NICs.
Maybe someone else who has created multiple vlan’s per zone interface can provide some input.
I wanted to give the solution of @hvacguy a try but it seems to be outdated.
There’s no script /etc/init.d/network-vlans anymore. I think it has changed to /etc/init.d/network. But it looks quite different, so I don’t dare to edit it without having it fully understood. Therefore I need some advise from somebody who’s sure what to edit?
If you have run setup.From console.
And set up for 4 zones and assigned 3 of them and finish setup/reboot.
If all 4 zone do dot show up this is a bug.
They all should show up in WUI.
and then you can add your VLAN from WUI.
Hello, I am using the ipfire firewall for a few days now and love the simplicity and the speed of this firewall. I think I can use this is a replacement for my pfsense box which is rather slow at >1Gb speeds.
How about a solution for the networks with more than 4 VLAN’s?
E.g. I use 3 internal vlan’s (IOT, guest, work) besides the native Mgmt network, and my WAN connection => that makes a total of 5. I am stuck how to overcome the 4 colored network interfaces…
there’s no chance to configure more than 4 zones/vlans via the WUI with v2 of Ipfire. As I remember it is planed for v3 …but that’s what we all wait for so long…
As far as I figured out, the only chance to have more than 4 vlans is to configure it via the config files.
I struggled with this a couple of days and to make it short, I didn’t get it work due to some other issues which arised and finally I gave it up… it was one additional reason why I changed my system with a heavy heart to a different firewall OS after a long time using IPfire…