forum.ipfire.org

Leider ist "einfach alles neu machen" leichter gesagt als getan. Ich habe hier 50+ OpenVPN-Einträge und ca. 10 IPSec-Tunnel. Das alles neu zu machen ist ein immenser kommunikativer Aufwand mit den Admins der Gegenseiten, zumindest bei den Tunneln... Das ist sicher ein valider Punkt, aber... Ich per...

My personal preference would be:

1. Option 3: setup IPsec tunnel, because this is the most elegant one, since you don't need to configure anything on the clients;
2. Option 1: use proxy settings in the PC;
3. Option 2: because it will only work properly for HTTP, but not HTTPS.

Regards, zargano

Red Static IP address that I pay for from my ISP Green 10.7.4.1 Subnet 255.255.255.0 and Blue 10.7.4.151 (no devices connected to Wlan yet) Subnet 255.255.255.0 Do not use overlapping IP address ranges: Green and Blue are in the same subnet of 10.7.4.0/255.255.255.0. Move Blue to a different IP add...

I have a server running apache, bind, dovecot, postfix, proftpd All was running behind my old router/firewall before I built a ipfire rig. I have 1 website running on it along with email for that domain. Your server is in your Green network? Or in your Orange network? This server shall be reachable...

Roberto Peña wrote: ↑

November 1st, 2018, 4:57 pm

I will test this and discuss the results.

Excellent. I am interested in the results...

Guessing, I would manually add routes in /etc/sysconfig/firewall.local . But I am guessing... Although in German language, please have a glance here https://forum.ipfire.org/viewtopic.php?f=6&t=20451&p=115129#p115129 This post describes how I applied a modification to get access to the WebGUI of my ...

As I read your words, I understand that you intend to route all traffic from your remote office to your Fortigate Head Office. There the traffic towards the Internet will be filtered. The idea is to NOT grant direct Internet access to the remote office, i.e. bypassing your Fortigate Head Office, cor...

Roberto Peña wrote: ↑

October 27th, 2018, 6:47 pm

P.D .: I say this because it has happened to me.

Good point!

Hi, I see the wifi network and, when I put WPA 2 key, my computer tries but nothing : no address IP, so I'm not able to ping the blue IP. Please be precise: is your client connected on Wifi level, or is the client disconnected on Wifi level? "No IP address" could be true for both cases... Actually t...

Das ch bekomme nach der Installation einfach keine Verbindung zum Webinterface. und das Starting dhcpcd on the red0 interface FAIL Rest mit OK. ist für mich widersprüchlich: Wenn Du keinen Zugriff zum Webinterface von IPFire hast, wie kannst Du denn dann die zweite Fehlermeldung sehen: auf der lokal...

MPaniez wrote: ↑

October 24th, 2018, 8:56 am

when I want connect to it (with WPA2 pass), the connection doesn't work.

What does that mean? Aren't you connected on WiFi level? Don't you get a valid IP address of the BLUE IP range? Aren't you able to ping the blue IPFire IP address? Aren't you able to access Internet resources?

New to ipFIre. I'm an old IPCop user. When I try to setup the rule to allow me to access the firewall from the Internet, it says Policy Block. I am an ex IPCop user as well ;) Why don't you setup a VPN connection to your IPFire? Then you have full access to IPFire. Being a roadwarrior, I use OpenVP...

The reason is simple, see here: viewtopic.php?f=22&t=21692

Unfortunately I don't have any proposal, how to fix this...

Das Modem fungiert jetzt wirklich nur noch als Modem und die Einwahl erfolgt über die ipfire. Das ist schon mal sehr gut, weil dann der VDSL-Router als Fehlerquelle ausgeschlossen ist. (Der muß ja sonst die entsprechenden Ports für IPsec durchreichen.) Ich habe eben mal einen Portscan gemacht, der ...

Hallo zusammen, wenn das VDSL-Modem tatsächlich als Modem (und nicht als Router) arbeitet und dementsprechend der IPFire die Einwahl macht, dann sollte es keinerlei Freigaben bedürfen, weil der IPFire an Rot eine öffentliche IP-Adresse hat. jadokus, schau mal, ob die IPsec-Logs was hergeben und post...