Initial setting

21

Short description of a basic IPFire setup.

IPFire works as internet gateway for local networks.

  • Internet comes in through the WAN NIC, called red. Addressing is determined by the access device. In case of a router DHCP is the first choice. Red address is given by the router.
  • Wired ( ethernet ) network is attached to a separate NIC of the IPFire device. Usually there is a DHCP server for this network. The address for this NIC must be member of this network. Example: Network 192.168.10.0/24 —> green address 192.168.10.1, addresses of green devices 192.168.10.2 … .254
  • Wireless network must be another range, attached to another NIC or an internal WiFi card.

Important: the networks of red, green and blue must not overlap. Also they must not be physically connected, the connection for data flow is done by IPFire.

1 Like
22

I inform you that I am using Ipfire 2.29 core 191 aarch64.img with Raspberry PI 3+
Alberto

23

If you have a /24 subnet, you can’t actually use the address 192.168.20.0. The first usable one is .1.

24

If 192.168.1.1 is your internet router’s gateway and you set 192.168.1.1 on Green Interface you will be able to connect to IPFire on Green but you will never be able to access the internet

Have you correctly assigned the Raspberry Pi network cards?

Plug the USB-to-LAN adapter RTL8153 to Raspberry USB port
and your internet router

[root@ipfire ~]# setup

network card assignment:

Red → usb : rtl 8153
Green → usb: Standard Microsystems Corp. SMSC95…

don’t use wifi for now

I persist,

Address settings :

  • GREEN : 192.168.10.1
  • RED : DHCP

DHCP :
start : 192.168.10.100 end : 192.168.10.200
Primary DNS 192.168.10.1

Check on the console that your internet router is assigning an address correctly

Bringing up the red0 interface...
Starting dhcpcd on the red0 interface...                                                                                          [  OK  ]
           DHCP Assigned Settings for red0:
           IP Address:      192.168.1.160
           Hostname:        ipfire
           Subnet Mask:     255.255.255.0
           Default Gateway: 192.168.1.1
           DNS Server:      192.168.1.1

Check that all connections are OK on the console

Like this

[root@ipfire ~]# ifconfig red0

red0: flags=67<UP,BROADCAST,RUNNING>  mtu 1500
        inet 192.168.1.160  netmask 255.255.255.0  broadcast 192.168.1.255
        ether 00:50:56:33:4e:50  txqueuelen riroute1000  (Ethernet)
        RX packets 3017  bytes 2873077 (2.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1500  bytes 626657 (611.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

with ether = Mac address of NIC USB RTL 8153

[root@ipfire ~]# ifconfig green0
green0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.1  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:50:56:2d:2e:31  txqueuelen 1000  (Ethernet)
        RX packets 1954  bytes 535696 (523.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3979  bytes 4438154 (4.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

with ether = Mac address of NIC USB Corp. SMSC95… (RPI Ethernet)

[root@ipfire ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    1002   0        0 red0
192.168.1.0     0.0.0.0         255.255.255.0   U     1002   0        0 red0
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 green0

Plug your PC directly to the Ethernet port of the Raspberry
and connect to https://192.168.10.1:444

If it doesn’t work try in the console
[root@ipfire ~]# elinks

2 Likes
25

Hello Alberto,

When you are changing the address of green0 are you also changing the address of the PC that you are using to try to access the Web GUI?

From the above, you could connect to the Web GUI when it was in the 192.168.1.0/24 subnet which would be the same subnet that you had before, so your PC had an address in that subnet.

When you change to 192.168.10.0/24 or 192.168.20.0/24 and could not access the Web GUI, I suspect that your PC’s address was still in the 192.168.1.0/24 subnet which would happen if the PC’s address is set manually or, if using DHCP, enough time hasn’t passed for the PC’s lease to expire and be renewed from IPFire DHCP.

One easy way to test this is to see if you can ping the green0 IP from the PC that you are using to try to access the Web GUI. If you can’t ping green0, check your PC’s IP and change it if needed.

And to echo the above, if red0 has an address in the 192.168.1.0/24 subnet, green0 needs to be in a different subnet (as you were exploring with 192.168.10.0/24 and 192.168.20.0/24 → that’s the right idea).

Regards,
Stephen

1 Like
26

This is indeed a clue,

the PC that you connect to the Green must also be configured in DHCP and reconnected after starting IPFire

1 Like
27

I followed your settings and checked the status of the PC. I realized that I had an antivirus with VPN, and even though the VPN was deactivated it was interfering, in fact I uninstalled the VPN and now everything works.
Thanks again to everyone for the many tips.
Alberto

1 Like
28

Glad you found the solution to the problem finally.
It allowed us to update the installation documentation :wink:

29

2 posts were split to a new topic: OpenVPN check mark won’t stay in place