I have a FTTP connection that needs authentication to connect (username/password). I must have the RED connection set to DHCP for the dial up menu entry to appear. I have multiple public IP addresses that I need to use but the Aliases menu entry does not appear unless I set the RED connection as static. So it seems I cannot authenticate, connect to my ISP and use my public IP addresses at the same time. Can some one confirm this is the case? Many thanks.
Hi welcome to ipfire.
So you want to host 8 outside IP addresses. Here is what is normally done in those installations:
An unmanaged switch is placed right after ONT/Modem. Then a router is plugged into the switch for every ip address. Then each router is programmed with its distinct ip address. If the connection is PPP or PPPoe, then you would enter the connection info.
I never have used ipfire for these types of installations. But you would need 8 ipfire machines and you would connect using the same username/password for each static ip, but I don’t see a place to change dhcp to static so they might need to add that connection type since its not a common connection (PPP or PPPoe with static address).
There is routers that have multi-wan inputs, but those are more designed for making redundant WAN connections with two different ISPs.
You could invoke a command to change the Red interface to a static after it made a connection, like what the Linksys routers do, but normally different DNS servers from the ISP are used for static addresses, or at least with the ISPs I have installed a system like this before.
Hi Dave
Thanks for your email.
Yes – that makes sense and easy to do with VMs.
I am used to Draytek routers which handle multiple IP addresses and NAT them to internal IP addresses – but they are quite pricy. I am trying software routers to see if they will work for my clients. Currently I have OPNSource installed and am playing with it.
All the best
John
Its all in application, but the reasons why I wouldn’t choose a soft router Or one of those Daytreck routers is that it causes a single point of failure which I try to minimise in an installation.
@ziggo: I believe that any years ago, we had this request, but I don’t think that we developed some solution for it. So I believe that IPFire currently does not support this type of connection - or least not the secondary IP addresses.
I would like to be able to support this though, so if you are up for it I would be happy to learn more about the technical details so that we can implement a solution. It isn’t rocket science. It just hasn’t been done because it seems to be a rare type of setup.
@dr_techno I don’t think I need to point out that your proposed solution doesn’t fly. One firewall per IP address? This is pure madness. You have been warned before to refrain from posting these things and you don’t seem to listen. There has been a couple of posts like this from you this week and therefore I believe that you want to troll this forum. Therefore you will be temporarily suspended and hopefully you will be able to change your behaviour.
Just trying to understand this. Does Red have to be DHCP or PPPoE? I know some ISPs using PPPoE will give you a block of 8 IP addresses in a different subnet from the PPPoE address which is great as you get the full 8 IP addresses to use yourself instead of the 5/8 in a conventional /29 subnet.
Some ISPs seem to run some odd configurations. They usually differ quite a bit from one ISP to another which creates a lot of work for us to support them all.
A separate subnet is something that IPFire already supports out of the box.
You SHALL use the router of the ISP and not IPFire.
SCNR
Its unfortunate that there is 5 facilities around my city that have this exact network wiring scheme, that I copy for two businesses. This was also covered in a network class in a college I went to as well.
So don’t jump to assumptions because there are a lot of ways to do the same thing.
Thank you all for your contributions. I have now bought a Draytek 2927 router which does the job well. I will continue to play with IPFire and may well include it in my network.