Netgear Nighthawk not seeing "router"

I configured a new Netgear Nighthawk RAX45-100NAS to be on my network with IPFire as internal router/DHCP, DNS, Proxy, etc. I turned off the DHCP option on Nighthawk and set the IP to be part of main network subnet. Wireless devices can get on Internet fine. I try to use the Netgear Nighthawk app and it can’t see “the router” - I’m guessing that is supposed to be beyond IPFire i.e. cable modem. I plugged the Nighthawk directly into cable modem’s Ethernet port and it was happy.
My network is configured as:
cable modem -> IPFire box RED, GREEN goes to network switch which feeds the house (and the Access Point).
Is there some firewall rule I should set up to allow Nighthawk to see beyond the IPFire?
Interesting note: the original static IP I used for Nighthawk is now longer visible on network with nmap and ARP scans. I can’t determine what the Nighthawk’s current IP address is - traceroute reports as my originally configured address but that host is down.
I’m thinking I may have to start over with configuring Nighthawk so I can gain access to admin screens.

Hi @beelymagee.

Happy new year!!!.

With what little I do to the idea of how you have it (I attach an image of how I think you have it, correct me if I’m wrong using draw.io), you may have to create a static route in Netgear so that the return requests know get to the team behind the IPFire.

It is to create a route that says that to reach the network (LAN interface of IPFire) with the mask (LAN interface of IPFire), send all the packets to the interface (WAN interface of IPFire).

You can try this to see how.

Regards.

If your Nighthawk is in your Green LAN
you may need a port Forward for your night hawk app.

@roberto - Thanks for your response and taking the time to create the network diagram! You had the network diagram almost right - here’s the diagram I created earlier that I forgot to post:

I think you are right about a port forwarding option - I’ll have to look at the KB articles on how to do that in IPFire - never done that before.

Again, thanks for the response and suggestions.

-*-Bill

Shawn @hvacguy - thanks for the accurate assessment - yes, the WiFi is on the GREEN Lan interface. I’ll have to check out the KB articles on how-to do the port forwarding - haven’t done that before.
-* -Bill

Thanks to everyone for the assistance. I did a reset of the access point and was able to get back in to the admin web portal. I found part of the issue: buried deep in one of the sub-menus - there is actually an option to go into Access Point mode only - I supplied the static IP and subnet, gateway setttings, plugged into the “Internet” port (to talk to the IPFire system, all good - flood gates opened and I could perform all necessary configuration steps.

Dont think so!

You should keep a few basic things in mind. The idea, the concept and ultimately the security is besides many other things also based on each use case having a separate zone. If you now make wifi in green, you undermine this concept. Its less secure and in my opinion wrong to do it this way. Also i dont like your need for an app to admin wifi. Why you need such a (for me strange sounding) app? What i mean with this is, IPFire cant safe you if you afterwards play bulls**t bingo behind it :wink:

1 Like

My wifi AP has always been behind IPFire. I’ve never wanted to have a “blue” separate network for WiFi - we can see each other, desktops, printing as needed, etc.
The new NetGear has its own management app/service running on the AP that only allows devices I’ve approved to get a DHCP-supplied address and be on the network.
I’m very comfortable with this configuration and the original problem is resolved.