My problem is that my green side computers cannot connect to the internet. While on the green side I can type https://ipcop:445 and get the GUI screen and mess around. So the green side is good. I've pinged both red and green IP addresses from the green side and get a respone. I've pinged from the red side and get a response from the red ip. When I try to ping an IP address on the web from the Command Prompt on my Windows from the green side I get "Destination net unreachable." Currently I have my setup like this
The reason I have it going through the router is so I can still access the net without constantly changing cables. Now to resolve any IP address I'll give you fake ones, but they good enough to get by.
First my router is set up as 192.168.5.1. I made my Red address 192.168.5.2 with the default gateway of 192.168.5.1. I made my Green address 192.168.5.3 and setup all my computers to have a default gateway of 192.168.1.3.
Also, I have made no changes to the firewall rules as I am not sure what to change. When I read the documentation it says that any requests from the green to the red will be passed on, but currently I'm not seeing this. Also, I have setup my DNS servers correctly as I took them directly from my router. I have also tried removing the router and connecting the firewall directly to the router and changing the gateway address to the correct one, but I get the same errors.
I also rebooted the IPCop machine and before I could login it gave me this error: "Could not connect to
IP::Socket::INET: Bad host name '
' at /usr/..... line 38" . Since I'm getting this error it sounds like the red interface is not connectting at all to the internet, but I do not know how to test that or even if this is true.
Sorry for the long post, hope i supplied enough info.
try changing the ip address of either red or green. obviously, you've set the addresses under the same network. try changing either the red to i.e. 192.168.6.2 and also you router interface facing your red interface to 192.168.6.1 OR change your green interface to 192.168.6.3 and the rest of the network connecting to the firewall. the idea is that the addresses for both interface should not be under the same network. also, you've set you clients to use proxy 192.168.1.3...where did you get that?...from your setup, the proxy that you should have used is the IP address assigned at the green interface plus with the correct port that you have specified in IPCop.
I changed my green network to 192.168.6.1 and set the computers to that network. I pinged the address and got a reply from all, so everything else being the same I am still having the problem. Also, 192.168.1.3 was a typo, it should have been 192.168.5.3. I rebooted the ipcop machine again and did not get that error as before, but I'm still having the problem.
try pinging a url (like yahoo.com) at the ipcop server itself. if you are not able to ping it then there is a problem with the red interface. check the network settings (ip address, subnet, gateway). same as with the green interface (ip address, subnet, gateway). also your dns settings. also you could try doing this, from the client side try to ping the ip address of the router or a url like yahoo.com. ( on my side it is something like 220.127.116.11). if you are able to ping the ip address of yahoo or any url but unable to access it using the domain name then there is a problem with your dns settings...
Just a couple of checks to establish where we are:
1. Can you ping your router's internal address from a machine on the green side. Note I said router and not IPCOP.
2. Can a machine connected directly to your router access the internet.
3. I assume you've made the changes suggested by jhun and placed the green and red sides on different subnetworks.
4. Is the proxy on the IPCOP disabled? Make sure it is not running while you test basic connectivity. You can always enable and configure it afterwards.
Can you also confirm the following:
IPCOP green side 192.168.6.1
IPCOP red side 192.168.5.2
Router internal address 192.168.5.1
Problem solved! Thanks for you suggestions because they helped. For some reason (probably spending too long last night messing with this) I forgot how to troubleshoot. When I woke up this morning I thought about pinging my router or pinging from the firewall onto the internet, but I read this first and the same thing was suggested. When I tried this, nothing. I checked the network addresses and everything was correct. Looked at the drivers for the cards and one seemed to be wrong. Changed the driver for one of the cards and viola, INTERNET!!!!