ClearFoundation

Guys,

I have some basic networking knowledge, but it is pretty infantile. I have been attempting to setup ClearOS and finally the cards are up and running in the machine. I got the box working in my room, but i took it out to put it in the cupboard to administer the network and I couldn't get it to work.

The setup physically like this ->

Internet <--> Belkin N-Spec router <--> ClearOS Firewall <---> Netgear FS 524 24 port switch <---> individual IPs.

1. The ClearOS Firewall will not talk to the switch. I plug in my laptop I get a light, I plug in the modem I get a light, I plug in the ClearOS Firewall, I get nothing. The ClearOS firewall works, as with PC or modem connection it works, so why is there no link between the switch and the ClearOS nic when i connect them directly? Do I need a cross-over cable? That is all I can think of?

2. My actual network setting must be incorrect. Can someone have a look at these ->

Router - Static IP - 192.168.1.1, 255.255.255.0

Clear OS IP settings ->

eth0 ClearOS - External - Static - 192.168.1.2

eth2 ClearOS - LAN - Static - 192.168.2.1

ClearOS DCHP Settings ->

name:lan
eth2
gateway:192.168.1.2
range: 192.168.2.100 - 254
DNS: 80.58.81.250

That is correct isn't it? The router is on the 192.168.1.0 network and the External ClearOS is a host on IP 192.168.1.2 on that network. The internal network is 192.168.2.0 and thus the gateway is 192.168.1.2??

Not sure what I am doing wrong? Help please!?!

Thanks guys.

Regards,
Nate

Hi Nathan,

Your external NIC should be setup as DHCP and not static.

Greetings,

John

I thought i would have to be static so I can state the gateway?

Ok I will change it - But then should my router also have DHCP turned on?

Thanks again John.

Regards,
Nate

Hi Nathan,

You are welcome.
If you can, bridge your modem ... that should take care of the DHCP on it (it's preferred to have only 1 DHCP server running on 1 LAN).
If you can't bridge it, for whatever reason, create a virtual server for all ports (1 - 65535) on it that points to your external NIC (unless you prefer to use the firewall of your modem).

You can enter the command "ifconfig" in PuTTy (How to connect with PuTTy) on one of your clients, or in the console on your ClearOS box, to confirm that your NIC's are setup correct.

Greetings,

John

Nathan Sturgess wrote:
Guys,

I have some basic networking knowledge, but it is pretty infantile. I have been attempting to setup ClearOS and finally the cards are up and running in the machine. I got the box working in my room, but i took it out to put it in the cupboard to administer the network and I couldn't get it to work.

The setup physically like this ->

Internet <--> Belkin N-Spec router <--> ClearOS Firewall <---> Netgear FS 524 24 port switch <---> individual IPs.

1. The ClearOS Firewall will not talk to the switch. I plug in my laptop I get a light, I plug in the modem I get a light, I plug in the ClearOS Firewall, I get nothing. The ClearOS firewall works, as with PC or modem connection it works, so why is there no link between the switch and the ClearOS nic when i connect them directly? Do I need a cross-over cable? That is all I can think of?

2. My actual network setting must be incorrect. Can someone have a look at these ->

Router - Static IP - 192.168.1.1, 255.255.255.0

Clear OS IP settings ->

eth0 ClearOS - External - Static - 192.168.1.2

eth2 ClearOS - LAN - Static - 192.168.2.1

ClearOS DCHP Settings ->

name:lan
eth2
gateway:192.168.1.2
range: 192.168.2.100 - 254
DNS: 80.58.81.250

That is correct isn't it? The router is on the 192.168.1.0 network and the External ClearOS is a host on IP 192.168.1.2 on that network. The internal network is 192.168.2.0 and thus the gateway is 192.168.1.2??

Not sure what I am doing wrong? Help please!?!

Thanks guys.

Regards,
Nate

One of your problem looks like it is in 2. The gateway IP of eth2 should be the LAN IP of the ClearOS box, 192.168.2.1.

You can have the WAN IP set to static if you want, or dynamic. It does not matter. However neither is a particularly good solution and if you use dynamic you would have to turn on DHCP in your router.

The better solution which John was leading towards is to switch your router into bridge mode, and switch your eth0 connection type to PPPoE. This avoids double-natting. Your wireless would however be a little useless, but even with your current set up you'd have lots of issues communicating between wireless devices and anything LAN-side of the ClearOS box.

Your other problem is your network connection between the ClearOS box and your switch and is hardware related. You should not need a crossover cable. Do you get a light if you plug eth2 into your router (unplug eth0 first)? If you don't, I'd suspect your eth2 LAN adaptor.

OK please don't think I just got help and then never came back!

The reality is I have been flat out with Uni and have also been waiting for a cross-over cable. Which solved one of my problems, the other was solved by the advice I got here. Yes I have an incorrect gateway ip for my lan. Hence the lack of connection between the red and green parts of the network.

So I have got it all up and running, ftp and all and it is gtg. But I have 2 other issues. 1 Major and 1 minor.

Major -> The only issue is realllllly long DNS lookup times. Once it has the actual IP it is very quick. But with the slow DNS times I can see the people in my house complaining. So my questions is how do I fix this? What DNS do you guys point to?

Minor -> Also Web Proxy. I want to be able to monitor and track usage by IP, which will enable me to throttle the offender bandwidth. I have the Proxy on and it is running in transparent mode, but I go to look at the usage and nothing??. So I can track specific usage. I was also hoping that it would speed up the router/server.

If anyone has some feedback, this would be very useful.

Thanks again for helping me get up and running guy (and for helping me learn more about networking).

Regards,
Nate

Update -> proxy is working ok now.

But I still am having issues with the slow DNS lookup response time. My browser spends quite a few seconds sitting idol and waiting for a response.

Ideas?

Thanks.
Nate

For DNS there are a couple of things you can try. If your router is still acting as a full router, you can try pointing the ClearOS DNS to the router. Alternatively you can try another DNS provider such as OpenDNS (208.67.222.222 and 208.67.220.220) or Google.

I am surprised that you only have one DNS entry as most ISP's provide two.

If either solution works, you may also want to set your first DNS entry to 127.0.0.1. (You can have as many as you want but may have to enter them by editing /etc/resolv.conf manually).

Hi Nathan,

Please confirm that your clients DNS points to your ClearOS box and that your ClearOS DNS points to your ISP's DNS.
Also make sure that on the page "Network -> Settings - IP Settings", Edit the external NIC and disable the "Automatic DNS Servers", to be able to enter more than one DNS.
You can either use public DNS servers (search Google), or contact your ISP for their DNS's.

Greetings.,

John

@John,
Some routers can cache DNS so ClearOS does not have to point to the ISP's DNS, but that will only work if the OP has not switched to ClearOS to PPPoE and the router to bridge mode. Also there is nothing particularly wrong if ClearOS is set up for automatic DNS if the router is handing out a sensible set of DNS IP's (which could be itself), although automatic DNS in ClearOS will not allow the OP to insert 127.0.0.1