Forums

Resolved
0 votes
I am on a learning curve so please be kind...I just installed the Home version of ClearOS and am setting up my new PC to replace my TPlink router. I did the initial setup wizard and did not setup network ....finished the wizard and rebooted to the logon screen. After I logon is it possible to connect to my existing LAN first to get to the Web configuration app? Or is it necessary to disconnect my existing WAN from my cable provider? Ant help appreciated...thank you.
Wednesday, January 17 2018, 04:58 AM
Share this post:
Responses (7)
  • Accepted Answer

    Wednesday, January 17 2018, 08:26 AM - #Permalink
    Resolved
    0 votes
    Welcome aboard.

    In the initial configuration, port 81 is open on the WAN (note - please close it when you've finished configuring, unless you need WAN access). This means that, if the ClearOS WAN is set up to DHCP, you can connect the ClearOS WAN into your LAN, leaving the ClearOS LAN disconnected from the TP-Link LAN. If you can then work out the ClearOS WAN IP you can then connect to the ClearOS Webconfig. The easiest way to work out the ClearOS WAN IP is to log back into the console directly and look at the interface configuration.

    I suggest you enable the DHCP server on the ClearOS LAN, and use a subnet which is not 192.168.0.0/24 or 192.168.1.0/24. Once you have the ClearOS LAN configured like that, if the subnet you've chosen is different from your TP-Link subnet then you can leave the ClearOS box connected to your LAN and connect workstation to the ClearOS LAN and do everything from the ClearOS LAN, only removing the TP-Link when you are ready. You can do these settings directly from the console which would allow you to plug a workstation directly into the ClearOS LAN.

    If you have not bumped into them already, to very useful tools for remote access to ClearOS are PuTTy for a terminal and WinSCP for a graphical file manager and text editor.
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, January 17 2018, 04:51 PM - #Permalink
    Resolved
    0 votes
    Thank you very much. I set all my Ethernet ports to DHCP and plugged into my default WAN port on the new PC with the IP address and port number in the console and the WEB app now is reachable through another station. As the WAN is set to DHCP is all I have to do is unplug my existing WAN connection from my cable modem to my old router and plug in to the WAN port on the new PC? Will the PC assign a new IP address when I try to reach it from the new PC LAN port or should I assign a static IP address to the new PC LAN port before I do this? I don't want to break my old router on my network for too long and kill my internet. Also do I need to enter the Dynamic IP internet address and subnet mask from my provider somewhere on the installer before proceeding or is it all automatic when I connect to the ISP modem? I know there are many questions but I am learning much of this as I proceed. I really appreciate all the help.
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, January 18 2018, 05:14 PM - #Permalink
    Resolved
    0 votes
    If you get your address by DHCP from your ISP, setting the WAN NIC is fine. You *may* have to power cycle your modem when you connect ClearOS to it. You don't have to enter any Dynamic IP internet address and subnet mask from your provider - and don't expect to get the same one as you had on the TP-Link!

    Once you are up and running, if you have cable it is great if you can put your modem into bridge mode so ClearOS get's your public WAN IP. If you have a PPPoE connection (ADSL or some fibre, like BT), if you put your modem into bridge mode you may have to change the ClearOS WAN to PPPoE. Don't do this until everything is working.

    For your LAN, more typically you set it as Static. Commonly you give it a .1 or .254 address (the highest or lowest usable in a /24 subnet) but there is no particular requirement to. You would also enable the interface DHCP server (Webconfig > Network > Infrastructure > DHCP Server) so your LAN devices get their IP addresses from ClearOS. Again, you don't have to do this if you have another DHCP server on your LAN. Most likely yout TP-Link is your DHCP server currently. As I said earlier, I recommend not to use a subnet which is 192.168.0.0/24 or 192.168.1.0/24.

    Once you have your WAN and LAN working and ClearOS has replaced or is about to replace the TP-Link, I suggest you close the Webconfig port in the incoming firewall. It only affects your WAN as the LAN is automatically allowed full access to ClearOS.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 21 2018, 02:00 AM - #Permalink
    Resolved
    0 votes
    Thank you. I can now access the web GUI with the WAN port of the server connected to my LAN switch on one of my workstations on the LAN. GREAT.....but I assigned vacant static port to the server LAN (enp2s0) it showed linkup....and connected a PC directly into the LAN port of the server and can't connect. In fact then I couldn't connect through the WAN. It seems I am in an endless loop. I went back to my original network config and can again access the web GUI with the server WAN port connected to my network. Could you suggest a remedy to this situation? I could see the PC on the LAN of the server while scanning but could not ping it. I chose a vacant IP and made it a static config but it broke my existing connection on the WAN. Sorry if this sounds confusing...it is to me. Here are the network parameters that I went back to in order to access the web page:

    enp1s0 External DHCP 192.168.0.134 Yes
    enp2s0 LAN DHCP No
    enp3s0 LAN DHCP No
    enp4s0 LAN DHCP No

    I set (enp2s0) LAN to STATIC with a good vacant LAN IP of 192.168.0.135 then everything fell apart as I indicated above.

    I am making headway but slowly. I want to be able to access the web GUI from the LAN before I break my present router and put the ClearOS box in service. Any further help appreciated.

    Another thing I just remembered....I added the Incoming Firewall APP just before I tried to setup the LAN...I went to the setup and the firewall rule is to let webconfig TCP 81 as Allowed Incoming Connection. There were no blocked connections listed. Do you think I should disable the firewall? It really is not needed when I am not on the ISP providers WAN yet (internet). Perhaps that is the problem?....thank you...

    I have attached a log file
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 21 2018, 08:50 AM - #Permalink
    Resolved
    0 votes
    Don't disable the firewall for the moment in case you forget later. While playing around you could add a custom rule:
    $IPTABLES -I INPUT -s 192.168.0.0/24 -j ACCEPT
    This will allow all traffic from the TP-Link subnet.

    I think what you were trying to do is plug a ClearOS LAN port back into the TP-Link LAN subnet. You can't do this as you get a routing loop. The ClearOS LAN's must now all be on independent physical networks. This means you now need to connect a workstation either directly to the ClearOS LAN port or to a switch connected to the ClearOS LAN port. Before you do this, set the LAN NIC to Static and set up the DHCP Server. The LAN subnet must not be 192.168.0.0/24 as that is your WAN subnet. Also avoid 192.168.1.0/24.

    What you appear to have done initially is connect a PC to a LAN port, but the LAN port was configured as DHCP. This means the LAN port will be looking for a DHCP server to get its IP address as will the PC. As there was not a DHCP server on the ClearOS LAN then neither got an IP address. You could set them both to static IP's on a different subnet to the TP-Link LAN but it is much easier to set the ClearOS LAN to static and enable the DHCP server. Normally you don't want a server LAN port to be DHCP as you always want it to have the same IP address all the time otherwise accessing it and the internet through it becomes very difficult.

    I notice you have three LAN NIC's. When you set them up, for a start they need to be on different subnets. Later on, if you are aiming to use ClearOS as a switch like the TP-Link, then you can bridge them but don't go down this route until you have everything working in a basic set up. Also it is generally easier to use a separate switch which are pretty cheap - you can even convert the TP-Link to just a switch later on and if it has wireless, to a WAP.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 21 2018, 04:01 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    Don't disable the firewall for the moment in case you forget later. While playing around you could add a custom rule:
    $IPTABLES -I INPUT -s 192.168.0.0/24 -j ACCEPT
    This will allow all traffic from the TP-Link subnet.

    I think what you were trying to do is plug a ClearOS LAN port back into the TP-Link LAN subnet. You can't do this as you get a routing loop. The ClearOS LAN's must now all be on independent physical networks. This means you now need to connect a workstation either directly to the ClearOS LAN port or to a switch connected to the ClearOS LAN port. Before you do this, set the LAN NIC to Static and set up the DHCP Server. The LAN subnet must not be 192.168.0.0/24 as that is your WAN subnet. Also avoid 192.168.1.0/24.

    What you appear to have done initially is connect a PC to a LAN port, but the LAN port was configured as DHCP. This means the LAN port will be looking for a DHCP server to get its IP address as will the PC. As there was not a DHCP server on the ClearOS LAN then neither got an IP address. You could set them both to static IP's on a different subnet to the TP-Link LAN but it is much easier to set the ClearOS LAN to static and enable the DHCP server. Normally you don't want a server LAN port to be DHCP as you always want it to have the same IP address all the time otherwise accessing it and the internet through it becomes very difficult.

    I notice you have three LAN NIC's. When you set them up, for a start they need to be on different subnets. Later on, if you are aiming to use ClearOS as a switch like the TP-Link, then you can bridge them but don't go down this route until you have everything working in a basic set up. Also it is generally easier to use a separate switch which are pretty cheap - you can even convert the TP-Link to just a switch later on and if it has wireless, to a WAP.


    I set the second NIC to static LAN and assigned an IP of 192.168.0.150 and plugged in a laptop to the server port and link detected and traffic is coming through. I still have the first NIC (assigned as Dynamic WAN) set to external DHCP with and IP address as 192.168.0.134 connected to my existing network 16 port switch and I can still see the web config GUI fine now on the workstation.

    I think the next step would be to disconnect the first NIC (assigned as Dynamic WAN) connected to my 16 port LAN switch and connect it to my ISP modem then reboot the modem. I think the modem should supply the proper Dynamic addresses to the new server. (I hope) This would connect the modem (internet) to my network switch. My next question would be is what should I set the DNS server IP #1 and #2 on the web GUI to before I do the transfer? Right now the server is picking up the IP of my TPlink router. Should I override the IP in the web GUI and use the correct DNS settings from the ISP? Use Google DNS addresses or my ISP assigned values? I recorded the ISP DNS info from my TPlink modem data which is the following:

    Dynamic IP
    IP Address: 75.135.158.254
    DNS Server: 71.10.216.1 71.10.216.2
    Gateway: 75.135.158.1

    I want to keep my internet down time as short as possible also I must setup all my network devices after the changeover..Please let me know if I addressed this correctly.

    I really appreciate the prompt replies to my questions. After this my networking skills we be greatly improved. Thank you.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, January 21 2018, 04:30 PM - #Permalink
    Resolved
    0 votes
    You should not have the ClearOS LAN on the same subnet as its WAN and I really recommend avoiding the 192.168.0.0/24 and 192.168.1.0/24 subnets on your LAN but that is up to you. Typically you'd also give the ClearOS LAN a .1 or .254 address, but again it does not matter. If you change the ClearOS LAN subnet, remember to change the DHCP server as well so it serves out IP addresses in the same subnet.

    At this point you *should* be able to disconnect the TP-Link router and connect your ClearOS WAN to the modem but you may need to power cycle the modem afterwards. Don't worry about the TP-Link WAN IP. You should get a new one by DHCP. Use the ISP's automatic DNS settings to get started. You can always change them later (I change mine to OpenDNS or my own DNS server running unbound depending on how I am feeling)

    You can connect your switch to the ClearOS LAN and disconnect it from your ClearOS WAN before you start but you will have difficulties if your ClearOS LAN and WAN are on the same subnet.

    Tip - keep things simple when you start. Tweak once it is is working.
    The reply is currently minimized Show
Your Reply