IPcop setup..

kurrupt · 03-21-2005, 09:50 PM

hey guys whats up.. iam going to setup an ipcop server and this is how its going to be setup.. iam just kinda confused on what is should make the local ips.. i will try to draw a diagram lol

INTERNET
|
|-----MODEM ---|
| (RED)
|------------------IPCOP SERVER
|
|(GREEN)
|
|
|
Linksys WIRELESS ROUTER
(192.x.x.x)
|
|
|
..... to the rest of the pc's

ok i hope that diagram made sense.. now...to configure the GREEN part.. it asks me for the local IP.. and on ipcop.org.. it tells me to use the 192.x.x.x but how does that make sense?
i tried it and when i typed htts://192.x.x.x:81 it gave me an error.. i dont think iam doing something right

iam trying to read on the site how to do this..it kinda is a bit confusing right now.. does anything think they can clear this up for me?

crabboy · 03-21-2005, 10:20 PM

That's correct. The Green will be an internal private IP address. All the machines on the internal network will specify the 192.168.x.x address as the gateway. ipcop will do all the routing. The 192.168.x.x:81 should work. Double check the IP, connections, etc...

If you are going the dhcp route, make sure that the dhcp is disabled on the linksys router and have ipcop do all the dhcp.

If you are using the new version of IPCop, it has a blue interface for wireless devices. I have my dlink wireless router (only used as an AP ) on the blue interface. It will keep anyone that gets connected via wireless from accessing anything good.

kurrupt · 03-21-2005, 10:24 PM

ahh ok cool so iam on the right track.. so instead of doing RED+GREEN i would do RED+BLUE?

crabboy · 03-21-2005, 10:45 PM

If everything on your network is wireless you would. If you had at least one wired machine aside from the ipcop box, you would want both. It's not a necessity, just extra security.

I took a second look at your diagram, it was a little confusing. here would be my attempt.

Code:

    ( Internet)
         |
         |
         | (Red)  eth(x)
    ----------------                        
    | ipcop        |
    ----------------
      | (Green) eth(y)
      |
      |
      |
    ----------
    | switch |
    ----------
       |  \       -------------
       |   -------| Machine A |
       |          -------------
    -----------
    | Linksys |
    -----------

If your linksys has multiple LAN ports on the back, it can even
be used as a switch. Just plug green wire in from ipcop into
one of the LAN ports, Make sure nothing is plugged into the WAN
part of the linksys. Not sure if the terminology is the same
with the Linksys, but it would be the port that goes to the modem
under a normal setup.

Setup as I'd suggest:

Code:

    ( Internet)
         |
         |
         | (Red)  eth(x)
    ----------------
    | ipcop        |
    ----------------
      |         | (Blue ) eth(z)   -----------
      |         -------------------| Linksys |  (All router functionality disabled )  
      |                            -----------
      |(Green) eth(y)
    ----------
    | switch |
    ----------
       |  \       -------------
       |   -------| Machine A |
       |          -------------
    -------------
    | Machine B |
    -------------

crabboy · 03-21-2005, 10:55 PM

I forgot to mention IPs.

Red - your static internet address, or setup for PPoE or similar
Green could be something like: 192.168.1.x
Blue could be: 192.168.10.x
Orange could be: 192.168.20.x

notice the Green, blue and orange are on different subnets. If a machine in the DMZ was hacked, it would prevent the hacker from access to the green or blue networks. This is what really separates ipcop from an all-in-one router like the Linksys or D-link. The DMZ feature on them is a joke.

kurrupt · 03-22-2005, 07:47 PM

ok cool.. now i understand whats going on..

now i just have 1 more question..when it turn off total funcationality of my routers.. i have 1 wired and 1 wireless.. can i still ahve the WEP security on the wirless along with the MAC address filtering?

crabboy · 03-23-2005, 02:42 PM

I know my d-link allows it. I'm not sure about the Linksys. I don't see why not.

On my d-link I do use encryption but I don't restrict by MAC on the router, I let the IPcop box do it.

kurrupt · 03-23-2005, 05:25 PM

ok cool..

so now.. how will i know which card is which.. because i have 3 network cards the same.. all intel..
which one will be green...red..and blue?

and for the green and blue.. when it asks me for the IP.. i just type in 192.168.1.1 right? or if i do it like u
Green could be something like: 192.168.1.x
Blue could be: 192.168.10.x
Orange could be: 192.168.20.x

will IPcop automatically calculate the subnets? or will i have to mathimatically calculate it myself?

crabboy · 03-23-2005, 07:22 PM

Quote:

so now.. how will i know which card is which..

Good luck. Since I'm a true lazy ass, I just did a few ping tests, swapping the cables until I saw the responses.

As for subnets, just use 255.255.255.0 for all the interfaces on ipcop and for all the machines on the network.

kurrupt · 03-24-2005, 06:29 PM

ok LOL iam having some problems now

i choose the second setup you recommended.. and this is exactly what i did set up by step...

Step 1:

It asked me to Enter the ip address info for the GREEN interface..

IP: 192.168.1.1
Net Mask: 255.255.255.0

Step 2: now it asked me for the network config type..

i picked GREEN + BLUE + RED

Step 3: then i went to drivers & card assignments and setup my 3 exact same network cards lol

GREEN: Intel..blah blah blah ( Eth0)
BLUE: Intel..blah blah blah ( Eth1)
RED: Intel..blah blah blah ( Eth2)

Step 4: i go to Address settings and

Red: switch to DHCP
Green: well that was configured before
Blue: IP: 192.168.1.1
Subnet: 255.255.255.0

Step 5: DNS and gateway settings

i left this blank?

it asked for my primary DNS and secondary DNS and default gateway... so i dono if it was ok for me to leave it blank

Step 6: then it asked for DHCP Server config

of course i enabled it and disabled DHCP both on my routers.. made them routers instead of gateways
Start address: 192.168.1.xxx
End Address: 192.168.1.xxx
Primary DNS: 192.168.1.1
Seciondary: left blank
and the rest seemed already done and fine for me

so then i set up my passwords and rebooted... and then i go to this PC and i type https://192.168.1.1:81

it tells me connection refused

so then i kept switching the cables around in every possible combo i can think of.. and it still didnt work..

so this is what i think:

a) i screwed up my config somewhere up there LOL
b) there is some conflict.. i dont think this would matter but even when i change the router to a switch.. i still plugin a cable into the WAN port?
c) i have no clue which one is RED GREEN or BLUE lol

and yes all the cards work.. ive tested them.. they are supported and they are all recognized

so u think u can help me out some more bud? LOL thx

crabboy · 03-24-2005, 10:18 PM

Unless it's a typo you have assigned your Green interface the same addy as the Blue ( 192.168.1.1 )

Quote:

Step 5: DNS and gateway settings

i left this blank?

it asked for my primary DNS and secondary DNS and default gateway... so i dono if it was ok for me to leave it blank

These settings are provided to you by your ISP, they are required.

You should have to setup seperate DHCP settings for both the Green and Blue interfaces. It's basically the same settings, but the IP range will be 192.168.10.xxx instead of 192.168.1.xxx.

For testing purposes it may be benefficial to assign an IP to a machine just for testing. Make one 192.168.1.100. Ping the IPcop box until you get responses while switching cables. Once you get a connection, try the IP:81 again. Change the Ip to 192.168.10.100 and find the blue card.

good luck.

kurrupt · 06-29-2005, 11:55 AM

What if your IP changes all the time with your ISP.. well not all the time.. like once every 3 months or so..cant IPCOP use DHCP on the red eth(x)???

crabboy · 06-29-2005, 05:09 PM

Yes it can.

kurrupt · 06-30-2005, 09:09 AM

great thanks!