I just upgraded my internet to ATT 100Meg. They installed a BGW-210 router.
I want to keep my IPFire box so the wiring is Internet to BGW-210 to IPFire. The ATT box has good WiFi and I can connect to the internet through that port but computers connected through the ATT wireless can’t see my fileserver on the IPFire green interface.
A computer on the IPFire green side can see devices through the red side, through the ATT box wireless but not the opposite direction. My 172. devices on the green side can ping 192. devices out the red side but 192. devices can’t ping the 172. side.
A 192. computer on the ATT wireless can ping the 192 Red address that IPFire got via DHCP, but I can’t get any farther.
The default policy for IPFire (and for most firewalls) is that connections from the Internet side to the LAN side is blocked. So you will need to create a Port Forward rule on IPFire to allow clients on IPFire’s Red address to be forwarded to your file server.
If you want to be able to access computers on IPFire’s Green side from the Internet side of the BGW-210 router then you will need a Port Forward rule on the BGW-210 and another one in IPFire as you have to carry out Network Address Translation (NAT) on both of the router/firewalls. This is called double NAT. It can be dealt with but adds extra complexity with each rule being required on both router/firewalls.
Having the BGW-210 in bridge mode (if that is possible) would make that equipment act just as a modem and you would only have a single NAT then which is simpler.
However that would stop the wireless working on it and you would need to add that to IPFire.
If you don’t want to do that then you have to live with double NAT and remember for every Port Forward rule in IPFire you need an equivalent in the BGW-210.
It is manageable and once you have the rules set up then you don’t need to usually change them unless you change the setup.