Now a VPN project

So dear people,

now further in the program :slight_smile: :slight_smile:

I now have 2 IPFires up and running and they work as expected. Email, firewall rules, proxy, everything is top notch.

Now comes the last big order/project. As can be seen in the picture, all computers are in the blue network, both private and business.

The two servers should now synchronize as a backup.
According to this guide: https://www.youtube.com/watch?v=VAgrJ-tm1OI
I tried it. The connection is also there. But I don’t have access to devices in the blue network. They can’t be reached via ping either. Is this even possible in the blue network? The blue network is a bit safer, isn’t it?
The only other thing that might be possible (if it helps) is that I could connect the server from the private network to the green network. Unfortunately this doesn’t work with the other server.

The two IPFire devices are next to each other if that helps.

What should I choose here? The best thing would be that the connection could be switched on or off at a certain time.

Is my plan even possible?

That link is for a video from 7 years ago.

If you want a net-to-net VPN I would start with the wiki.
I followed that for my n2n OpenVPN setup on my VM testbed.


Is there a reason why everything is in BLUE and not in GREEN on both sides?

I think I read that the blue network is more closed than the green one

Well, you seem to experience exactly that now. :wink:

For all normal use cases, resources should be put in the GREEN zones.

Then I’ll try IPSec.

The questions are:
Since both red interfaces of the IPFire devices are connected to the Fritzbox, I don’t need a DynDNS address, right?

Does Global IPSec have to be switched on, or does this only apply to the Roadwarrior connection?

I now have the connection over IPSec with a pre-shared key.

The connection started correctly but I cannot find all clients with ping…

What also seems strange to me is that I can reach the private red interface from the business network via ping. But from the private network I cannot reach the business red interface via ping.
Could this be the problem?

Hello dear users,

So I have now set up an OpenVPN in IPFire, and with a Windows tool I access the IPFire from a Windows client and also reach the other clients in the remote network.

Now I have to set up a VPN connection in the QNAP server. I cannot upload the config .ovpn to the QNAP because an error message appears, saying that the file contains incorrect data.

Now I wanted to test an IPSec connection in IPFire and then set it up in QNAP. However, as in the screenshot, I have to enter the user name and password AND the pre-shared key. It doesn’t all work together, does it?

How can I create this now?

Best regards

L2TP/IPSec is not used in IPFire.

You need to be looking for IKEv2/IPSec PSK for use with a pre-shared key, or, if you changed the cipher set to IKEv1 instead of IKEv2, then you need to look for IPSec Xauth PSK on the QNAP.


Thanks for the reply,

So in QNAP I only have the options shown in the screenshot.
And it’s a shame that OpenVPN doesn’t work because there is some incorrect data in the config file. I’ll post this in the QNAP forum.

I’m currently trying to set up the IPSec server for my mobile devices.

Everything is set up as shown in the picture and the profile is imported into the iPhone. The connection attempt then terminates at some point without an error message.
Are the settings correct? I did it that way according to the Wiki. I read about the new network in some post.

QNAP OVPN does not accept this line in the config file:

pkcs12 QnapTS473aufPT.p12

Maybe QNAP is using an older version of OpenVPN that does not accept the pkcs12 line.

What version of OpenVPN is QNAP using?

You can find out by running
openvpn --version
on the QNAP system.

OpenVPN 2.4.11 x86_64-QNAP-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Sep 28 2023
library versions: OpenSSL 1.1.1t 7 Feb 2023, LZO 2.10

OpenVPN-2.4.11 is three years old.

I suspect that there is a mismatch between that version and the format that IPFire is providing with its openvpn-2.5.9 version.

Unfortunately, from my reading up about QNAP the likelihood of them updating the software is low. I have seen similar issues with ClamAV on QNAP, as they are using ClamAV versions that are EOL and no longer supported for database downloads.
You could try to contact QNAP and ask them about software updates, especially for the security issues.

Also from the version info you can see that openssl-1.1.1t is the version.

The last version of the 1.1.1 branch was 1.1.1w and that went EOL on 11th September 2023. There are 7 CVEs in the 1.1.1 branch between 1.1.1t and 1.1.1w.

Unfortunately I suspect the same thing will exist with QNAP and the OpenSSL versions. Doing a search I could not find anything related to QNAP moving from openssl-1.1.1x to openssl-3.x.

The QNAP wiki on OpenSSL certificate generation is from 2012 and deals with openssl-1.0.1e.
Searching on the wiki for OpenVPN comes back with 0 results.

Unfortunately it looks like I don’t have any good news on how to overcome this problem, other than obtaining newer hardware.
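If a client does not accept the `pkcs12` directive, the same material can be supplied inline instead. The following is an added example (not code from the thread or from IPFire or QNAP) that strips the `pkcs12` line from an exported profile and appends `<ca>`, `<cert>` and `<key>` blocks; the sample profile, hostname and PEM blocks are constructed placeholders, and the PEM files are assumed to have been extracted from the `.p12` beforehand with `openssl pkcs12` as shown in the comments.

```python
"""Rewrite an OpenVPN client profile that references a PKCS#12 bundle so the
CA, client certificate and private key are carried inline instead.
The PEM inputs are extracted beforehand with openssl, for example:
  openssl pkcs12 -in QnapTS473aufPT.p12 -cacerts -nokeys -out ca.pem
  openssl pkcs12 -in QnapTS473aufPT.p12 -clcerts -nokeys -out cert.pem
  openssl pkcs12 -in QnapTS473aufPT.p12 -nocerts -nodes  -out key.pem
-nodes leaves the private key unencrypted, so the resulting .ovpn must be
protected like a key file (owner-only permissions, never shared)."""
import re

# Constructed sample profile in the shape IPFire exports; hostname is a placeholder.
SAMPLE_PROFILE = """client
dev tun
proto udp
remote ipfire.example.invalid 1194
pkcs12 QnapTS473aufPT.p12
verb 3
"""

# Constructed placeholder PEM blocks (not real certificates or keys).
CA_PEM = "-----BEGIN CERTIFICATE-----\nPLACEHOLDER-CA\n-----END CERTIFICATE-----\n"
CERT_PEM = "-----BEGIN CERTIFICATE-----\nPLACEHOLDER-CLIENT\n-----END CERTIFICATE-----\n"
KEY_PEM = "-----BEGIN PRIVATE KEY-----\nPLACEHOLDER-KEY\n-----END PRIVATE KEY-----\n"

PKCS12_RE = re.compile(r"^\s*pkcs12\s+\S+")


def has_pkcs12(profile: str) -> bool:
    """True if the profile still relies on an external PKCS#12 bundle."""
    return any(PKCS12_RE.match(line) for line in profile.splitlines())


def rewrite_profile(profile: str, ca_pem: str, cert_pem: str, key_pem: str) -> str:
    """Drop the pkcs12 directive and append inline <ca>, <cert> and <key> blocks.
    Refuses profiles without a pkcs12 line so inline material is never duplicated."""
    if not has_pkcs12(profile):
        raise ValueError("profile does not use a pkcs12 directive")
    kept = [ln for ln in profile.splitlines() if not PKCS12_RE.match(ln)]
    for tag, pem in (("ca", ca_pem), ("cert", cert_pem), ("key", key_pem)):
        if "-----BEGIN" not in pem:
            raise ValueError(f"{tag}: input is not PEM encoded")
        kept += [f"<{tag}>", pem.strip(), f"</{tag}>"]
    return "\n".join(kept) + "\n"


if __name__ == "__main__":
    print(rewrite_profile(SAMPLE_PROFILE, CA_PEM, CERT_PEM, KEY_PEM))
```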

I think I need to set up a VPN connection from IPFire to IPFire in the local network.

A VPN connection from private to business already works. If necessary, I access the business network using the Windows client.

Does IPSec also work in the local network? You could switch the connection over time. The OpenVPN would have to be permanently on, but that wouldn’t necessarily be a problem.

Hello,

So I finally got an IPSec connection and it works perfectly.

Now it’s just a matter of establishing an IPSec connection from external (tablet or cell phone) via Dynu.com.

I think I’ll start a separate topic :slight_smile:

Anyway, thanks again to you

So now I have a small problem with the OpenVPN connection.
It works great with Windows 10. However, if I install OpenVPN on the Windows 11 machine and enter the same configuration, the Windows 11 client does not connect to the IPFire machine. Could it be because of Windows 11?

greetings
suschi