okay, look above, I posted the blue access…
One thought I had before is whether the main IP address for the Router should be different then the IP address for the blue interface?
okay, look above, I posted the blue access…
One thought I had before is whether the main IP address for the Router should be different then the IP address for the blue interface?
Thanks for the screenshots. That helps BIG time!
For now, set up BLUE so everything goes to RED. Use this:
Disable MAC Address filtering for ALL clients
And disable the other rules you already created.
EDIT: Use your blue zone numbers for the ZONE IP.
192.168.1.0/24
and hostname is blank
I wonder, do I have to put the rule in for the entire LAN mac address of the router? I put in the 2.4 wireless mad address?? I am erasing those rules
right now we are opening it up to everything BLUE just to get things working. Once all is good, then we can lock it down (if you want).
my blue network is open, but I need to change it sometime
Working is good!
Remove the protector.sixsix.six name from the BLUE Access window. It is not needed.
Give things a try and make sure all is working on Bothe BLUE and GREEN
well, there’s still no internet but the router itself is able to traceroute out to google.com… I think the protector name is just the domain name… I really didn’t plan on using this set up, this is just for learning, then I probably will set it seriously, lock it down so to speak… Green of course is still working… Blue has no internet… someone mentioned on one of these forums, how there’s a block on blue/red somewhere which is why I went looking for firewall rules…
I’m also open to the possibility there’s something wrong with the wifi router itself… I bought it off of Ebay as “box accidentally opened, never used”… it’s so hard when U pay that kind of money for something and get ripped off… part of the reason I needed a hardware firewall, I have security problems in this place
Can you connect a computer to the blue network and check if you can access the internet?
I hooked the computer into the blue0 line and the computer did get it’s DHCP addresses, but didn’t get internet. So I opened up another green0 line on the four port net card, same card the blue0 line is to test the net card itself. I put that into the computer and got internet. Then I plugged that same extra green0 line cord into the router and got the DHCP numbers, but no internet.
I have another router I can get tomorrow to see if the problem is the router. Thank you for your help, hopefully the problem is the router. U can forgive me for not seeing it maybe the router since I was using it just before replacing it with the IP fire firewall
As @jon pointed out
Your blue access IP is wrong.
Or need to be removed.
To disable the Blue Access.
Change to 192.168.1.0/24
Assuming your blue zone is
192.168.1.1 = gateway to ipfire
/24 = 255.255.255.0
If you use wan port you build a second NAT, in this case the router must have an other IP Range on its lan (i think at the moment this is also configured to 192.168.1.x so it cannot route to the IPFire)
Better is to disable the dhcp on the router and connect it via a lan port to the IPFire. (this downgrade the router to an access point which is needed for IPFire)