Need to know if I can set it up while existing network is still operational

Hi. New here. I’m trying to get my act together firewall-wise before I get seriously hacked.

I am not a newbie, but I am not an expert. Tech, yes; networking, not so much.

I want to have the existing network still functioning while I try to get everything set up. I have not been successful in getting to the web app even after switching my nic to the 10.0.10.x network.

I may have read something about the switch having to be programmed to direct the traffic correctly. Not sure. I’m not even sure I would know how, even though I have access to the web console of the 2824.

I have attached a basic diagram of how things currently are. The dotted lines would be future. After setup is complete.

Edit: Don’t know if it’s relevant or not but the Plex server is Unraid, so it has lots of traffic.

Why 10gbE as red?

Did you set up your nic card in setup program?

Red to existing switch.
Green to other network switch with PC
Log in to WUI
https://(IPFire’s IP):444
Setup Domain name system
Make sure status is working

Hi @dbinott

Welcome to the IPFire community.

You are not going to be able to do what you want wired in that format.

You have your IPFire red connection getting its IP via dhcp from the ISP router via the 2.5GbE switch.
This means that your IPFire red IP will be in the subnet.

You have setup your green connection, if I understand it correctly, with a subnet of with the green interface on

That green connection is then connected also to the 2.5GbE switch. All your PCs etc on your existing network will be on subnet addresses. None of them will be able to connect to the IPFire green interface as it is on a different subnet.

The only option I can think of, if you want to be able to test out making a connection to all the machines on your network, would be to put IPFire in parallel with your ISP router but with only one of them connected to red at a time.

Even this way you would have to be careful because you will then have two dhcp servers feeding the network, one on your ISP router and the other on your IPFire system. Also all your machines already connected with an IP will have the ISP router defined as their gateway. Changing the gateway over to the IPFire system will require you to turn off the ISP router dhcp server and then restart the dhcp clients in each of your machines. (The simplest way is to reboot them but depending on the OSes involved you can also just restart the dhcp client in each system.)

Why do you need to keep the whole system operational while you do this? By far the simplest way is to turn everything off, swap the ISP router with your IPFire system. Do the installation with the same subnet as you had with the ISP router and then turn on the systems in your network.


want max download speeds. I don’t do really any lan to lan transfers so I don’t the internal speeds

What I did was change my nic on my pc to that network in order to access it, which didn’t work.

We have a business to run and knowing me it will end up being down all day or more. But ya, it will be the simplest.

maybe something like this:


If it is a day time only business then do the changeover and testing during the night.

If it is a 24/7 business then you are going to have to schedule some downtime somewhere. Even trying to set IPFire up in the same network as you showed would still need some disconnection as all the machines would need to change over to getting their dhcp info from IPFire.

To minimise the downtime needed my suggestion would be to do the installation on your IPFire machine without connection to the internet to start with and with either the pc connected to the green interface or if you have a spare laptop use that.
You then set up exactly the same subnets on IPFire as you have with your ISP router.
Then connect the laptop/pc to the green interface and get an IP from IPFire via the dhcp and you should then be able to access the Web User Interface (WUI).
Then the dhcp settings, dynamic and any fixed IP addresses, you have defined in the ISP router should also be set up in the IPFire machine via the WUI.

Then with IPFire prepared as above, at the defined downtime, switch off the ISP router and replace it with IPFire, turn it on and reboot the various machines or restart the dhcp clients in each of the machines. I would normally reboot as that ensures that they definitely only have info related to IPFire and not still some cached info related to the ISP router. As the subnets etc are the same it minimises the risks of things not working but if it doesn’t you can also just connect back in the ISP router and turn it on and reboot/restart the various machines in your network.

Maybe some other forum members have ideas on how IPFire can be run inside the existing network so that it can be switched over with virtually no downtime that I have missed.
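
The preparation steps in the reply above (same subnet, same dhcp range, same fixed addresses) can be checked before the downtime window. This is an added example, not part of the original thread; the dictionary layout, the function name and every address except the 10.0.10.x network mentioned in the first post are constructed assumptions.

```python
import ipaddress

def cutover_problems(old, new):
    """List mismatches between the old router's LAN/DHCP settings and the replacement's."""
    problems = []
    old_if = ipaddress.ip_interface(old["lan"])
    new_if = ipaddress.ip_interface(new["lan"])
    # Clients only reach the new green interface if it serves the same subnet.
    if new_if.network != old_if.network:
        problems.append(f"subnet differs: {new_if.network} vs {old_if.network}")
    # Statically configured devices still point at the old gateway address.
    if new_if.ip != old_if.ip:
        problems.append(f"gateway differs: {new_if.ip} vs {old_if.ip}")
    start, end = (ipaddress.ip_address(a) for a in new["pool"])
    if start > end or start not in new_if.network or end not in new_if.network:
        problems.append("dynamic range is not inside the new LAN subnet")
    # Every fixed lease on the old router must exist unchanged on the new one.
    for mac, ip in old["fixed"].items():
        if new["fixed"].get(mac) != ip:
            problems.append(f"fixed lease {mac} -> {ip} missing or changed")
    # Conservative check: keep fixed addresses out of the dynamic pool.
    for mac, ip in new["fixed"].items():
        if start <= ipaddress.ip_address(ip) <= end:
            problems.append(f"fixed lease {mac} -> {ip} overlaps the dynamic range")
    return problems

# Constructed sample settings (hypothetical addresses and MACs).
OLD_ROUTER = {
    "lan": "192.168.1.1/24",
    "fixed": {"aa:bb:cc:00:00:01": "192.168.1.10",
              "aa:bb:cc:00:00:02": "192.168.1.11"},
}
MATCHING = {
    "lan": "192.168.1.1/24",
    "pool": ("192.168.1.100", "192.168.1.200"),
    "fixed": dict(OLD_ROUTER["fixed"]),
}
# Green left on the 10.0.10.x network while the clients stay on the old subnet.
MISMATCHED = {
    "lan": "10.0.10.1/24",
    "pool": ("10.0.10.100", "10.0.10.200"),
    "fixed": {"aa:bb:cc:00:00:01": "10.0.10.5"},
}

if __name__ == "__main__":
    for name, cfg in (("matching", MATCHING), ("mismatched", MISMATCHED)):
        print(name, cutover_problems(OLD_ROUTER, cfg) or "no problems")
```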


This sounds like a good suggestion. Thanks all.