Too Simple Blue to Red DNS Problem

computermanfirst · 26 March 2025 04:27

Hey All,

Thank you for reading. I have been through the posts I could find that are similar, but those seem to actually be more complex than mine.
I am running IPFire on QOTOM dedicated hardware. This is where the simple part comes in. My blue network is an internal card. So I do not have a separate router needing bridging or anything of the sort.
I get an IP on WIFI, I am able to ping Google’s IP address, but I cannot surf using any (DNS) web names. This leads me to believe I have the wrong DNS information set, but only for Blue because Green works fine on several wired machines.
I am not trying to access any machines or printers on Green from Blue, just get Internet on Blue connected laptops and phones.
The posts I read said to use the Green Interface IP, so I have tried that. I also tried the Red IP address and the Red DNS (business static real world Ipv4). I also tried the start of the Green DHCP range and its DNS.

Specifically I tried 192.168.10.50 and 192.168.10.1.

I am attaching a couple of screenshots for clarity. So I guess my question boils down to; can someone please tell me exactly what IP I am supposed to put for the field “Blue Primary DNS” based on the screenshots below? My suspicion is that I already used the proper one somewhere along the way, and I should be looking elsewhere. If so, please direct me to other possible problems.

IPFire 2.27 (x86_64) - Core Update 160
(I know upgrading as soon as I fix this)

Thank You!

firecherry · 26 March 2025 05:40

Sir,

your green primary dns is in your green range 192.168.10.1 - 192.168.10.100.

Your blue is outside of your blue range 192.168.20.1 - 192.168.20.255.
It should be 192.168.20.1 or something like that.

Only for sure:

Check, if all of your clients use dhcp or if not, use the exact subnet mask 255.255.255.0.
Your green dhcp offers adresses 192.168.10.2 - 192.168.10.100, but the subnet mask allows to offer addresses 192.168.10.2 - 192.168.10.255. Thats not wrong, but is it intended?

Check, if every client is allowed to access blue in hostapd.

bbitsch · 26 March 2025 09:14

Welcome to the IPFire community.

Your dynamic leases for blue range from 192.168.20.1 to 192.168.20.255.
This isn’t right:

192.168.20.1 is the blue IP of your IPFire system; first leasable IP should be 192.168.20.2
192.168.20.255 is the broadcast address of network 192.168.20.0/24 ( your blue network ); last leasable IP must be 192.168.20.254

Have you tried with Primary DNS 192.168.20.1 for blue?
I do not recommend to use a secondary DNS server outside your local networks.

computermanfirst · 27 March 2025 23:17

Thank you very much for the input. I have implemented part of the changes, and have resolved the issue for now. Going to revamp all of it during the next onsite visit. The WIFI access is now working. Will post a new screenshot after it is all implemented.