Newbie here with no internet connection :-(

Support
1

NethServer Version: 7.9.2009

Well,
moved over from ClearOS, after there was no real development in the last years. So i setup my mini pc with nethserver yesterday but i am stuck here, and even reading hours in forums / documentation seemed to confuse me more than before.

Bottom line:
ISP Modem > red interface > green interface → Switch1 and Switch 2 → LAN clients
192.168.78.254 ->…78.253-> …79.254 → Switch 1 and Switch 2 → …79.31

LAN Clients have IP Adresses in 192.168.79.xxx, 31 is my notebook, 51 my desktop.
All LAN Clients used before 192.168.79.254 (ClearOS) as a gateway, that i kept, by giving the green interface that IP.

DNS i set to 8.8.8.8, but it can’t connect

My Interfaces are being setup that way:

green:
IP 192.168.79.254
Subnetmask: 255.255.255.0
Gateway: I tried different options:
(empty)
192.168.79.254
192.168.78.253 (red interface)
192.168.78.254 (ISP modem)

red:
IP: 192.168.78.253
Subnetmask 255.255.255.0
Gateway: 192.168.78.254 (ISP modem)

The modem can see the client (red interface and interface IP), the LAN client can see the green interface (and thus the webgui) but i cannot connect from LAN to internet.

It says:

Those modules are installed:
Antivirus,
Bandwidth monitor
Fail2ban
Firewall
IPS
Rport
Restore data
Thread shield
VPN
Web Proxy& Filter
Webserver

Services:
Pihole not active
c-iocap not active
clamd@squidclamav not active
collectd active
dnsmasq active
evebox active
fail2ban active
httpd active
httpd-admin active
lsm not active
netdata active
nms active
ntopng active
openvpn not active
postfix active
rsyslog active
shorewall active
smartd active
squid not active
sshd active
sssd not active
suricata not active
ufdbGuard not active
virgilio active

I am pretty sure, i am missing something obvious, and by reading through forum, there are different advices, like, i wouldn’t have to set the gateway on green in the first place, another post stated, i would have to use the green’s IP adress as gateway, another one suggested, that i would have to use the red’s interface IP as gateway for green.

Perhaps i also need to create a routing, but i don’t get, what i have to enter where…

I also switched the cables in the nic’s, then i wasn’t able to connect to green interface with server gui anymore, so i switched back.

So any advice to get the LAN connected to www and having nethserver to filter and firewalling the line, is truly appreciated.

I am lost somehow, and if someone could point me in the right direction, please?

Thanks and best

2

Hi and welcome to NethServer Community,

when using a red interface, you need to set the gateway there. Please delete the gateway for the green interface to avoid routing errors.

Can you ping the ISP modem from a client without wifi?

Can you ping 8.8.8.8 from a client?

1 Like
3

Hi, thanks for getting back. I deleted the gateway entry for green interface.

When i connect my notebook via WIFI to my ISP modem i can work, and ping everything

When i connect my notebook via cable to my ISP modem, i can also work and ping everything.

Thanks again.
jc

1 Like
4

You’re welcome.

If an answer worked for you, please mark it as solved to mark the thread as solved and to help other users finding a solution quickly.

5

It does work, if i connect to the isp modem directly with wifi or cable (no nethserver in between), but it does not work, when i connect via LAN by utilizing the green interface of nethserver.

Looks like green doesn’t forward to red and / or red doesn’t forward to ISP modem.

So if i bypass nethserver, it is working, if i use nethserver it doesn’t. But i see, that my eth-connection on isp modem is working.

Thanks
jc

6

First of all the gateway on the green must be left empty, while the gateway on the red must point to the LAN address of the router.

If from a pc connected to the green you try first of all to ping the ip of the red and then the ip of the router, do they answer?

1 Like
7

Well,
given my current IP’s, green is left emtpy, and LAN address of the ISP modem is 192.168.78.254.
red’s config:
IP: 192.168.78.253
subnetmask 255.255.255.0
gateway: 192.168.78.254 (which is the ISP modem IP)

ping 192.168.78.253 (red interface) no answer
ping 192.168.78.254 (ISP modem) no answer

Thanks for getting back
jc

8

Maybe you just mixed up red and green interface?

9

This i also thought of and swapped both cables. As a result, i couldn’t neither connect from LAN to 192.168.79.254 (green interface) nor to 192.168.78.253 (red interface), so i assume, i have the correct cabling and as far as i can tell, correct setting in nethserver.

btw, would i need to setup a routing from green to red or might red think, there must also be blue or orange?

and should the routing table look like this:
grafik

Thanks and best
jc

10

No, blue and orange are not needed and routing is preconfigured.

The routing table looks good.

Please recheck that IPS and Threat Shield are disabled.

Are there relevant entries in /var/log/firewall.log ?

Could you share your network configuration?

db networks show

11

Thanks for getting back,

Firewall log has tons of these:
10:52:10 n kernel: Shorewall:loc2fw:REJECT:IN=enp1s0 OUT= MAC=00:22:4d:7b:af:9b:d4:81:d7:a6:03:c8:08:00 SRC=192.168.79.31 DST=192.168.79.254 LEN=152 TOS=0x00 PREC=0x00 TTL=128 ID=8516 PROTO=UDP SPT=65236 DPT=1900 LEN=132

Threat shield was installed, same with IPS, i uninstalled them to make sure.

Last login: Fri Jan 1 05:34:48 2010 from 192.168.79.31


************ Welcome to NethServer ************

This is a NethServer installation.

Before editing configuration files, be aware
of the automatic events and templates system.


          http://docs.nethserver.org

***********************************************
[root@n ~]# db networks show
enp1s0=ethernet
    bootproto=none
    gateway=
    ipaddr=192.168.79.254
    netmask=255.255.255.0
    nslabel=LAN
    role=green
enp2s0=ethernet
    FwInBandwidth=1000000
    FwOutBandwidth=20000
    bootproto=none
    gateway=192.168.78.254
    ipaddr=192.168.78.253
    netmask=255.255.255.0
    nslabel=Vodafone
    role=red
ppp0=xdsl-disabled
    AuthType=auto
    FwInBandwidth=
    FwOutBandwidth=
    Password=
    name=PPPoE
    provider=xDSL provider
    role=red
    user=
red1=provider
    interface=enp2s0
    weight=1

Unfortunately …

Best
jc

ps: i assume i misconfigured something in the first place, but, on the other hand, after the installation on my ex clearOS system, it wouldn’t connect either to internet.

12

Network config looks good.

Please check the firewall settings if “traffic to internet” is allowed:

grafik
grafik841×611 56.4 KB

13

It is:

grafik
grafik669×552 19.5 KB

and if i look into the services (firewall details) it looks like this:

grafik

Thanks for getting back, i am really stuck …
jc

14

I know it’s quite windows style issue managament but… did you reboot?

Also: would you please detail us the network card used by your computer? Via console/shell use
lspci |grep Ethernet
this is the output of my test server (single NIC)
1e:00.0 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme BCM5723 Gigabit Ethernet PCIe (rev 10)

This is an experience I had with other hardware for realtek cards.

1 Like
15

Well, i didn’t reboot i have to admit. This are my nics:

01:00.0 Ethernet controller: Intel Corporation 82574L Gigabit Network Connection
02:00.0 Ethernet controller: Intel Corporation 82574L Gigabit Network Connection

So no Realtek :slight_smile:

i rebooted but… no connection. I do not need to setup a specific route in this case, correct? Just wanted to make sure.

Thanks and best
jc

16

This exclude my suggestion.

AFAIK no manual setup for route, never been necessary (according to documentation and my personal experience).

Worth asking…

ISP device (192.168.78.254/24 LAN - WAN unknown)
|
| (direct connection or separated switch)
|
192.168.78.253/24 GW 192.168.78.254
RED
NethServer
GREEN
192.168.79.254/24, no GW
|
| Switch
|
LAN clients (192.168.79.0/24, different IP addresses)

RED and GREEN on NethServer are not sharing a switch, correct?

Did you already tried to change network cable between RED and ISP device?

1 Like
17

No switch sharing. The ISP Modem is connected to a wall socket, and the cable runs into a patch panel (around 15 meters long) and from patchpanel directly into RED nic. It is like you pointed out above. I swapped the cable from ISP modem to wall socket and also the connector of the wall socket as well, but no avail. Will give it a try later by changing the cable from patchpanel into RED nic, but i have to crawl behind the 19" rack, which takes a little time to do.

Thanks for help
jc

18

Take your time, do your tests. If from shell you cannot ping the ISP router seems quite hard to allow internet work… Unless it’s expected the behavior and did not bother ClearOS.

19

Well,
swapped cable from ISP modem to wall socket
swapped connector in wall socket and therfore changed the patchpanel’s port to reflect the different connector
swapped cable from patchpanel to red nic.

No avail.

:frowning:

It is not the expected behaviour; it did work before, but then after deciding against paying another year for clearos and putting nethserver i won’t have internet in my LAN anymore. So i am a little bit confused. I think, i will try a fresh install tomorrow, to find out, whether this would change something. I really don’t know, what’s happening there…

When connected to wifi of ISP modem, i can ping of course the ISP modem, but i cannot reach the red nic.
having Ethernetcable connected, i can reach green nic, but nothing in the other network. There is something strange happening here… Hmmm…
Thanks for getting back.

20

Are you using virtualization (Proxmox, VMWare)? Maybe there’s an issue like an enabled firewall or wrong mapping of network interfaces?

Maybe you enabled blocking the web ports?

grafik

I think best way is to just install NethServer without any additonal software for testing routing/networking.