I have a Red-Green-Blue test unit setup on a test bench, connected to my existing network. A PC connected to a hub on the IPFire box will connect to the net (and I can monitor traffic). I even got Blue working!
But no other systems on the network (not connect to that hub) can see the IPFire box. Even when I change the IP address to match the subnet for either Red (1 which all are using) or Green (2).
Does the IPFire box have to be next in line connected to the main modem and then all my other systems connected to the hub behind it? Or can I just “point” to it anywhere on my network using the IP address?
(and this is a rules problem?)
To answer your question, we need a bit more information.
Which interface is connected to your existing network?
Do you use separate interfaces?
If your network is connected to RED, it is the WAN for your IPFire. So it is ok, if your clients cannot access the network on GREEN. IPFire controls the traffic between LAN ( GREEN, BLUE ) and WAN. Only connections initiated from the LAN are allowed by default.