I’ve installed IP Fire with 3 interfaces: GREEN + RED + BLUE.
The confusing thing was, green and red had the same vendor name but different MAC addresses, so I don’t know if the onboard Ethernet is green or add-on NIC is green, I tried switching wires to either of them and trying but still unable to get any response.
I’ve set GREEN’S IP address as 172.0.0.1, I’ve set RED’s address to DHCP and BLUE’s IP as 168.0.0.1.
I’ve enabled DHCP on GREEN Interface and set the start and end IP as 172.0.0.2 and 172.0.0.253.
In DNS and Gateway settings I’ve set 8.8.8.8 and 8.8.4.4 as primary and secondary DNS, and gateway as 172.0.0.1.
If I connect something to GREEN NIC, will the device automatically get an IP? Or do I have to manually assign an IP from the GREEN’s IP address as 172.0.0.2.
I’ve chosen 3 interfaces because I wanted to use one as management interface, the other two as LAN and WAN, can I do this on IP Fire?
Hello,
To what I remember, the gateway is not related to GREEN but to RED. On my setup, the gateway is my ISP’s internet box IP. Here is a screenshot of GREEN configuration from IPFire wiki, and there is no gateway:
Your DHCP server for GREEN looks correctly configured, so it shall automatically give an IP adress to any computer plugged to this network.
EDIT : from IPFire’s Wiki:
The address for your Gateway (the next hop after your IPFire) would typically be the host address of your ISP modem/router. It might be different in larger networks.
I’ve set GREEN’S IP address as 172.0.0.1, I’ve set RED’s address to DHCP and BLUE’s IP as 168.0.0.1.
Neither 172.0.0.1 nor 168.0.0.1 are valid private IP address spaces. You are strongly
recommended to use private IPv4 addresses in your local network only.
In DNS and Gateway settings I’ve set 8.8.8.8 and 8.8.4.4 as primary and secondary DNS, and gateway as 172.0.0.1.
This sounds like you are trying to install an outdated version as the DNS settings
were recently removed from the installation setup. Please download the latest image
from www.ipfire.org - IPFire 2.25 - Core Update 144 instead.
I’ve chosen 3 interfaces because I wanted to use one as management interface, the other two as LAN and WAN, can I do this on IPFire?
To my knowledge: No. You might choose the green network as you management network, and
put your clients into the blue one, which would sort of satisfy your needs. This is
documented at the step 5 of the installation handbook.
No offense intended, but you seem to lack most basic network knowledge. Are you sure you want
to run a firewall? IPFire is nothing to install and put aside afterwards. It requires ongoing
maintenance such as installing updates, revise firewall rules, etc., and at least basic
network and Linux/Unix knowledge in order not to become a security disaster.
We can help you with some IPFire-related questions here, but please be prepared to learn
general network stuff by yourself. Again, no offense intended.
Thanks. I’ve changed the configuration of RED interface, I’ve deleted the earlier entries of primary and secondary DNS and gate from the RED interface and now it’s set to DHCP.
What are valid IP address spaces for local network?
Yes, I’m using the outdated version of IP Fire which I have on my PC, I’ll install the latest one later, I’m using the old one to familiarize myself with it.
I’m using GREEN one for management. Now I can access IP Fire’s webui and I created a rule which blocks the one device I’m using for management on GREEN interface from accessing RED interface in both directions.
My IP Fire is able to get IP address from RED interface but it is not able to access IDS/IPS rules, says system is not connected, but in home status page it shows that Internet is connected. How can I resolve?
My BLUE interface is able to provide IP addresses to devices connected to it but devices on BLUE are unable to access Internet. I’ve created two firewall rules allowing BLUE to access RED in both directions.
I’ve also created two rules to prevent BLUE and GREEN interacting with each other.
So after I made the last reply, the network is working as it should. This is really strange! I haven’t modified a single setting, it didn’t work earlier and now it is working. What could have made that? Virus, RAT, Trojan?
This question tells me that you are trying to build a house without any knowledge of construction science.
You should take your time to read, understand and learn some boring but important stuff about TCP/IP, networking, protocols and how internet works.
It will ease a lot of the mistakes that you may do trying to install a firewall distro.
This is not a good idea, because recent updates have changed the way some fundamental settings are made.
The remainder of your post indicates that you are re-inventing many wheels. It would be simpler and more reliable to work through https://wiki.ipfire.org/ Some options, such as BLUE, require quite a few settings to get working and it is unrealistic to expect to quickly get all working.
So after I made the last reply, the network is working as it should. This is really strange! I haven’t modified a single setting, it didn’t work earlier and now it is working. What could have made that? Virus, RAT, Trojan?
I doubt it as it would be way too obvious: If thinks are not working anymore, people will have a look at them - as an attacker, you want to avoid this under any circumstances.
