Unable to get internet on the Wifi Blue network

Help please!

Unable to get internet on the Wifi Blue network.
I don’t understand the problem.

Hi @domsheldon1

I don’t know enough to be able to tell you what the problem is but in situations like yours, I would go back to the simplest default condition, so disable the proxy, disable the firewall rules and put the policies back to default.
Confirm that you can then access the internet on blue then re-introduce the various policies and rules one at a time until you find the one that stops you getting access.
Then you will know what part/change needs to be worked on to get access again before introducing the next conditions/rules.

Maybe Enabled on Blue needs to be checked…

A few steps from my side:
Do you have access to the to the web interface of the ipfire (if yes your wifi works)?
Do you have access from green network to the internet?
Are the any differences in the DNS rules between green and blue?

Personally I prefer in the outgoing rules"interface red" to “red” and not Any

Thank you for your interest.

Why internet is blocked for the blue network. It’s quite curious.

that are my rules and they work

Thank you! Can you give me the points with an arrow?

Well, screen shots will not do by the amount of arrows. I will try it this way, I am afraid with a lot of abbriviations, but they shouldt self explaining if you look in the rule definition:

FR 2
S: Green D: DE-Germany P: ICMP Echo Request 8

FW-Red to SN Red Services DOT
FW Red to SN Rds Service Groupe: WebProxy
FW Red to SN Rds Service Groupe: WebProxy ICMP echo-request 8
FW Red to SN Rds Service Groupe: WebProxy Service: Whois

S: DOT = TCP 853
SG: WebProxy = FTP21, HTTP80, HTTPS443


Hello, Is it possible that the provider is blocking the output with its firewall?

IP of a PC on a blue network:

GREEN: / 24

From my perspective of view the provider can’t distinguish between your green and your blue network. He only knows the output of the red one.
So if the green network works the blue one should do as well.

1 Like

you DON’T have to shoot any firewall rule. What you only have to do is:

Take your PC/IP from this section in network, DHCP server
current dynamic assignments

you can give an other unique IP. You must not take the one from DHCP

Then go to this section in firewall ,access to blue and take your IP/PC again
current DHCP assignments on blue

thats it.
BTW you have access to green from special IPs
AND internet if you set the DNS for blue in DHCP server.

if you had looked in your fw log, you had seen,that it is a forwarding problem on port 53 I think.

1 Like

I have to look at it in detail but I am running out of time. This configuration does not work! The client has a good blue DHCP IP address but he does not have internet! Do I have to activate the proxy (BLUE)?

you forget the second step of my howto. at least you posted nothing about.nevertheless your ip is not allowed to access blue if you not do so. and fw rules are really not interesting. though I have a QDN , but should work with localdomain too I think. each device must be added this way or nothing will be go on. blue works different from ‘normal’ wifi