IPCOP, network connectivity issues
Results 1 to 7 of 7

Thread: IPCOP, network connectivity issues

  1. #1
    Senior Member
    Join Date
    Mar 2002
    Posts
    314

    IPCOP, network connectivity issues

    I've been trying to set up IPCOP as a firewall on my home network.

    Enumeration:
    Cable Modem:
    IPCOP: 192.168.20.10 (2gb hd, 640kb base memory/80896kb extended memory, 2 nic cards)
    ROUTER: 192.168.20.254 (speadstream s2510 cable router, DHCP enabled/address range 192.168.20.2 - 192.168.20.51)
    LAN: 2 client computers running windows XP professional (ips 192.168.20.2 and 192.168.20.3 are being assigned by router)

    I'm trying to connect the cable modem to the ipcop machine to the router then the LAN clients...unfortunately, I can't seem to establish connectivity with the IPCOP box.

    I've tried enableing/disabling dhcp at the router, neither to any avail.

    I have tried plugging the ipcop into router port 4 rather than routers WAN port...I still can't ping it.

    I have tried re-installing IPCOP and switching nics configured as LAN (green).....no change.

    I'm running out of ideas here.....help?
    Faqt


    If you want to make God laugh....make plans.

  2. #2
    Senior Member
    Join Date
    Mar 2002
    Posts
    314
    I've also switched the cable to another system and verified the cable is not the problem.

    There has to be something I've missed here.
    Faqt


    If you want to make God laugh....make plans.

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Yes, you have missed a number of things, but let's start with a few questions.

    1)
    LAN: 2 client computers running windows XP professional
    Based on the IPs you have provided, there is no LAN #2 all addresses are on the same subnet. Please elaborate.

    2) Why would you put the IPCOP box between your router and your cable modem? Place it behind the router and use it as your default gateway for all internal hosts.

    3) Why are you complicating your home network this way? What do you hope to achieve by adding IPCOP to the mix?
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Senior Member
    Join Date
    Jul 2002
    Location
    Texas
    Posts
    168
    I see what your trying to do, but with ipcop you dont even need a router. Just replace it with a switch/hub. Its also easier if DHCP is enabled on the ipcop machine and disabled on the router if you do use it.

    I also found that the problem can be having the green/lan side hooked up to the internet connection and having the red/internet side hooked into the lan connection. Basically make sure the green interface is indeed connected to the lan.

    And for troubleshooting if you enabled it, you should be able to use a web browser to view the web based admin panel. Just type in http://ipcop addy here:81
    that should do it.

    It just dawned on me and this may be the issue. Ipcop isnt getting its ip from the router is it?
    Just log in to the shell using the root username and pass and check using ifconfig eth0 and if config eth1. One should be internal the other should be a valid ip address from your provider.
    <chsh> I've read more interesting technical discussion on the wall of a public bathroom than I have at AO at times

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Another little oversight. Your router requires an internal and a WAN address. You have stated that the address of the router is a single private address, (192.168.20.254). Since routers move traffic between one subnet and another it needs to have the addresses of both subnets so that it can make the determination of what is local traffic and what needs to be routed, (in this case to your ipcop box).
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member
    Join Date
    Mar 2002
    Posts
    314
    Wow....I need to answer so many things here that I couldn't figure out where to start.

    Tiger Shark-
    1)- sorry, I may have missworded my original post. There is 1 LAN (192.168.20.x), this LAN consists of 2 computers (192.168.20.2/192.168.20.3)

    2)- I don't have enough NIC cards on hand to install into the IPCOP machine to connect both the computers, and the modem.

    -With the router on the internal side of IPCOP, couldn't IPCOP still be the internet gateway?....there's no reason local traffic should ever touch it since local traffic would be handled by the router, but any inbound/outbound traffic would have to go through it.

    3)-Experience...I have this system sitting here doing nothing, it's only got a 2gb hard drive, so any full blown operating system is going to be a bit much. IPCOP however is free and available so thought I'd give it a go.

    Darksnake-
    My main problem is I can't seem to establish the connectivity required to go to http://ipcop:81.

    I see your point about the router trying to assign IPCOP it's IP....I'll explore that a bit and see if I can't find the source of my problem there.

    Tiger Shark-
    Since routers move traffic between one subnet and another it needs to have the addresses of both subnets so that it can make the determination of what is local traffic and what needs to be routed, (in this case to your ipcop box).
    OMG...I didn't even think about that, my router still has my public IP address....
    You're saying it needs to be told that the IPCOP computer is the external (WAN) address?

    Does that mean that the IPCOP will need to be on a seperate subnet from the LAN?

    Thanks for all your help guys...hope I cleared up everything
    Faqt


    If you want to make God laugh....make plans.

  7. #7
    Senior Member
    Join Date
    May 2002
    Posts
    450
    Here is my setup .... similar to what you want, less the IPCOP ... its a Gentoo box ...

    Modem (10.0.0.1) &gt;&gt; Gentoo Box NIC 1 (10.0.0.2) &gt;&gt; Same Gentoo Box NIC 2 (192.168.0.1) &gt;&gt; Wireless Router/Switch (192.168.0.2) &gt;&gt; Rest of the computers on network ... (192.168.0.whatevers)

    The traffic is routed out through the modem via the Gentoo box ... I cant see how IPCOP would be doing this any different.

    The reason I have the Gentoo box as the gateway is is allows me a lot more control over what comes in and out than just the router which I could drop in front of the nix box.

    Hope this helps.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides