WAN can't reach gateway - why?

Hi, there!

It’s me again. So, today I changed the WAN-IP addres since the original one didn’t work. Then I tried pinging my gateway again. But the WAN can’t reach my gateway. Do you have an idea why? Thx already

Usually you cannot free chose the wan-ip/netmask this is provided by you ISP or the router before your IPFire.

The RED IP and the GATEWAY IP must inside the subnet configured via the RED_NETMASK.
Also green/blue/orange must be a different subnet’s. If the networks are overlapping connections cannot routed.

1 Like

Is there any CMD command where I can find out my ISP’s IP Adress?

Yesterday in your other post thread you said that you had been given a Static Connection by your ISP.

In that case your ISP will already have given you the IP and the Gateway IP and the Netmask. Those would never change.

If you are asking how to find out your ISP’s IP then I believe that you do not have a Static Connection but more likely a DHCP connection.
DHCP will obtain from your ISP the IP and the Gateway IP automatically for you.

See the wiki page on DHCP.


1 Like

So, I just rebooted IPFire and now I also used a slightly changed IP Adress from the information I got from whatsmyipadress.com. Now I can reach the gateway but wait for carrier on red0 is still failing for any reason.

What do you mean, you “used a slightly changed IP address”? If (as seems highly likely now) you are getting a DHCP address from your gateway then you simply accept that as a client, you “use” nothing in the sense of setting an IP yourself. Alternatively, if you are behind a routed gateway then whatsmyipaddress would not see your IPFire address at all, but your gateway address.

What exactly are you configuring please? Do you have a network diagram? What device is the gateway?

1 Like

Instead of for example a 1 I used a 2. The rest is the same and it’s working since I can ping the WAN successfully now. However, I still got no internet. And I assume it’s because of the port.

Edit: whatsmyipadress shows your public ip. So, the thing I need for WAN.

Some thoughts about your problem.

  • What do you mean by WAN?
  • The world wide net ( internet ) consists of many trunks connected by routers and similiar devices.
  • Usually the endpoints have access to the network with means of service providers. These define a network for their customers, using public IPs got from a regulation authority.
  • The relation public IP ↔ customer is either fixed ( static ) or dynamic ( DHCP ). With both kinds the customer needs the unique tuple { IP, netmask, GW } which is set by the ISP. A modification breaks the uniqueness.
  • For identification of the customer often the MAC address of the device representing the WAN endpoint is used. Either by direct registration at the ISP or as the first MAC seen after bootup of the modem ( DOCSIS for example ).

What is your gateway please? What do you mean by the term? What device is it?

When you “ping your WAN”, what address is that?

Please provide the first octet of the result from whatsmyipaddress. Conceal the rest.

1 Like

It’s basicallly the same router I’d also use without my firewall. And it’s a telekon public adress for reachin out to the cyber space. I can ping GREEN and RED just the joke is the LAN panel on my laptop is just like, “Nah … sorry, not today!”

Nothing has been clarified.

When I asked (more than once) “What is your gateway please?” the answer “It’s basically the same router…” is sorely lacking any useful information.
I did not ask whether you can ping, I asked what address(es).
I asked for an octet and got nothing.
I asked for a network diagram and got nothing.

I’m not magical, to divine unstated things. Sorry. Perhaps someone else can help you.


We are unable to help until we know how your WAN is configured. When you execute “setup” from the IPFire command line and select Neworking > Address Settings > Red, are your settings precisely as depicted here:
WAN config ?

1 Like

I missunderstood the basic architecture of IPFire. My Green IP is basically 10.0.0.x and I’m using the DHCP/Firewal/Gateway-Server my company is offering where I won’t post the IP.

Big edit here: This firewall I’m installing is just for training skills here.

In this case the roter before the IPFire is your isp and you have to configure RED matching as a client for this network. usually DHCP.



IPFire can be used downstream of another router, such as your company’s. A workable setting for red0 is still likely to be DHCP.

You do not want to connect your green0 to your company’s LAN and need to operate your own “LAN”. It would be less confusing if you don’t use a green0 address of 10.0.0.n. 192.168.n.n is fairly straightforward to configure.

1 Like

I also check the dhcp logs messages red0: Waiting for carrier is there.

I think my DHCP wants to build up a connection but can’t for any reason. Last time it wasn’t able to connect to snet. Any idea why?

Waiting for carrier usually means a missing ethernet connection.
What is snet?