Hi All,
I’m hoping someone can assist with the following issue with a VLAN setup.
The situation is as follows:
[1] There’s a 5 Port Managed switch with 2 VLANs configured as default VLAN 1 for GREEN network, and VLAN 5 for BLUE network.
VLAN Number: 1
VLAN Description: GREEN
Member Ports: 1, 2, 3, -, 5
Non-Member Ports: -, -, -, 4, -
Access (Tagged) Ports: -, -, -, -, -
Trunk (Untagged) Ports: 1, 2, 3, -, 5
PVID Ports: 1, 2, 3, -, 5

VLAN Number: 5
VLAN Description: BLUE
Member Ports: 1, -, -, 4, 5
Non-Member Ports: -, 2, 3, -, -
Access (Tagged) Ports: 1, -, -, -, 5
Trunk (Untagged) Ports: -, -, -, 4, -
PVID Ports: -, -, -, 4, -
There are only two devices connected to the 5 Port Managed Switch:
IPFire Firewall is connected to: Port 1.
A Laptop running Linux is connected to: Port 4.
[2] IPFire is configured for three zones, using two NICs and one VLAN as per the instructions here: www.ipfire.org - Configuring three zones, using two NICs and one VLAN
a) Zone Configuration:
RED: Default, eth0, Native
GREEN: Default, eth1, Native
BLUE: Default, eth1, VLAN, 5
b) DHCP for BLUE
The BLUE IP Address is: 192.168.5.1
Netmask: 255.255.255.0
BLUE Interface is: Enabled
BLUE Start address is: 192.168.5.2
BLUE End address is: 192.168.5.200
Default lease time is: 5
Max lease time is: 120
Domain name suffix is: localdomain
[3] There’s a standard Laptop running Linux connected to Port 4 of the managed switch, which means it should be on the BLUE network. The Laptop is configured to receive IP Addresses via DHCP.
The only time this Laptop is able to obtain an IP Address from the IPFire DHCP Server on BLUE network is when IPFire is started.
When IPFire first starts, the Laptop MAC address is successfully added to the list at: IPFire > Firewall > BLUE Access, and the device shows up briefly in the list when IPFire boots up.
Unfortunately, once the IP Address that is initially assigned to the Laptop expires after 5 minutes (as per the Default lease time that is set in the IPFire DHCP Configuration for BLUE network), the Laptop DHCP Client address expires, and the Laptop is unable to renew its IP Address forever afterwards.
Note that during the initial completion of the IPFire startup, the DHCP Server for BLUE network will Ping OK from the Laptop, and responds as 192.168.5.1, but only for about 10 seconds, and then the packets seem to be dropped after that, forever.
[4] Strangely, the IPFire > Logs > Log Summary shows the following information:
DHCP Server:
Config error:
Ignoring interface vlan5: 1 Time(s)
No subnet declaration for vlan5: 1 Time(s)
This seems to indicate a misconfiguration. I believe the subnet declaration is: 192.168.5.1 but perhaps I am misunderstanding this.
[5] I’m not certain that the Managed Switch is configured correctly for this specific setup with IPFire, or if it’s a firewall configuration issue, or something else I’ve missed.
Any guidance is most appreciated as to why the DHCP Server on BLUE does not respond to the Laptop about 30 seconds after IPFire boots up.
Thanks,
Nanoh