Hello, I’ve got a little problem that really gets on my nerves.
Current setup is a IPfire with green, red, blue and orange configured to one network card each.
Green0 is configured with the IP range 192.168.0.0/24 and DHCP comes from a windows server within the rage.
Orange0 is configured as 192.168.220.125 with 255.255.255.0 mask. It is connected with a switch from a different Network with the IP range 192.168.220.0/24 (the .125 is outside the DHCP range of that Network)
If I now SSH into the IPfire and ping any PC/Server on the orange0 Network (192.168.220.0/24 range) I get a ping reply. So the firewall is connected correctly to the other network, correct?
If I know try to ping the same PC/Server in the orange0 network from a client in the green0 range 192.168.0.0/24 I get nothing back.
I did add a firewall rule to allow allow traffic from green0 to orange0 but that didn’t help. I also tried a static route for 192.168.220.0/24 with gateway 192.168.220.125 but that also did nothing. Where is my error in thinking? Is it even possible to get orange0 to respond to request from green0?
I’ve tried that but still nothing. I’m pretty sure I’m missing something basic here without knowing what. Also, since this is a fresh install, I’m under the impression that the older releases where “easier” or “less strict” out of the box?
The problem should not a firewall rule. The system in orange get the request but you cannot get a reply to the green network because the systems in orange have no backward route to the green network and the default route goes to the other switch. You need a extra route on the orange clients or a source nat rule that hide (masquerade) the green network behind the orange .125 IP.
