IPFire and two ISPs on two NICs - VPN Server

I'm running the latest IPFire version with 4 zones enabled on 4 NICs (Green, Red, Blue, Orange).

Now I have a new Internet Service Provider and successfully connected it on the Red0 interface.
But unfortunately there are a few VPN clients out there that try to connect to the “old” IP, which is now reachable on the Orange0 interface.

If I scan the old IP on the Orange0 interface from the Internet, I see all needed ports open, including the OVPN port; the IPFire sees the connection but somehow does not answer it.

Or should I just make the Orange a second Red interface? I do not need a DMZ.
But if so, how can I do this?

Hope somebody understands my problem and can help me 🙂

I watched the traffic with tshark and somehow it received the request via orange0 but then sent it back on red0 … so there could be no handshake.

Are you saying that the Orange IP is a public IP? Why?

Because I need to be reachable for those old OVPN clients that try to access the old public IP. Should I turn off the DMZ and try to make a second Red on the other NIC? But how can I do this?

You have 2 public IPs, new (x.x.x.x) and old (y.y.y.y).
New clients connect to new, port 1194, and access the VPN.
Some old clients still try to connect to old, port 1195.

Is there a system listening on the old IP? You can tell that system to forward anything from old to new, then IPFire (which is listening on the new address) will handle it.

BTW, you cannot have two Red interfaces in IPFire.

Right now the only system that's listening on the old IP is the IPFire with the Orange interface.
But I will try to install a small Ubuntu server which will be connected to this, running an OpenVPN server, and route the traffic back into our network.
No, they all listen on port 1194. Is that the only good thing to do right?
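
The symptom reported in the thread (request seen on orange0, answer leaving on red0) can be confirmed from a capture. The following is an added example, not code from any poster or from IPFire: it reads tab-separated tshark field output and lists client flows whose replies leave on a different interface than the requests arrived on, or get no reply. The tshark invocation in the comment, the function name and all addresses (documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample, in the format an invocation like this would produce
# (assumed command, run on the firewall):
#   tshark -i orange0 -i red0 -f "udp port 1194" -T fields \
#     -e frame.interface_name -e ip.src -e ip.dst -e udp.srcport -e udp.dstport
# 203.0.113.10 stands in for the old public IP (orange0),
# 192.0.2.20 for the new public IP (red0), 198.51.100.x for clients.
SAMPLE = (
    "orange0\t198.51.100.7\t203.0.113.10\t40001\t1194\n"
    "red0\t203.0.113.10\t198.51.100.7\t1194\t40001\n"
    "red0\t198.51.100.9\t192.0.2.20\t40002\t1194\n"
    "red0\t192.0.2.20\t198.51.100.9\t1194\t40002\n"
    "orange0\t198.51.100.8\t203.0.113.10\t40003\t1194\n"
)


def find_asymmetric_flows(text, server_port=1194):
    """Return (client, server_ip, in_ifaces, out_ifaces, verdict) per bad flow."""
    port = str(server_port)
    flows = defaultdict(lambda: {"in": set(), "out": set()})
    for line in text.splitlines():
        parts = line.split("\t")
        if len(parts) != 5:
            continue  # skip malformed or non-UDP rows
        iface, src, dst, sport, dport = parts
        if dport == port:      # client -> server (request)
            flows[(src, sport, dst)]["in"].add(iface)
        elif sport == port:    # server -> client (reply)
            flows[(dst, dport, src)]["out"].add(iface)

    findings = []
    for (client, _cport, server), seen in sorted(flows.items()):
        if not seen["in"]:
            continue  # reply without a captured request: nothing to compare
        if not seen["out"]:
            verdict = "no reply"
        elif seen["out"] != seen["in"]:
            verdict = "asymmetric"  # answer leaves on another interface
        else:
            continue
        findings.append(
            (client, server, sorted(seen["in"]), sorted(seen["out"]), verdict)
        )
    return findings


if __name__ == "__main__":
    for finding in find_asymmetric_flows(SAMPLE):
        print(finding)
```
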