Forums

Resolved
0 votes
Hello people.
I charge for my english

My Clearos was working perfectly until I was forced to change my internet operator.
Clearos acts as a gateway, proxy server and content filter. Proxy mode: non-transparent + user authentication
My internet operator modem was configured as a bridge and the current one I can't put as a bridge, so I turned on the local DMZ to Clearos.
I currently have the internet modem configured 192.168.100.75
Clearos static enp1s0: 192.168.100.76, gateway: 192.168.100.75, DNS: 192.168.100.75
Computers that are manually configured the proxy on port 8080 ok
I'm having a problem with computers and devices connected to my wi-fi (access point) that I don't want to go through the proxy and content filter, these used to work normally, but now computers keep asking me to enable as proxy server settings and wi-fi devices do not connect to the internet.

Could someone give me a hand in what can be?

Thanks
Tuesday, August 03 2021, 03:57 PM
Share this post:
Responses (3)
  • Accepted Answer

    Wednesday, August 04 2021, 07:35 AM - #Permalink
    Resolved
    0 votes
    This should have nothing to do with changing your ISP as ClearOS, as a router isolates, the LAN from the WAN so whatever happens on the WAN side of ClearOS should not affect the LAN side and no changes should have been needed for any LAN machine either.

    I note from your output that your external IP in ClearOS is 192.168.100.100 and not 192.168.100.76. Which is correct?

    Your LAN configuration looks correct but I so not see how you can configure WiFi devices to bypass the proxy automatically. The problem is that, as they connect, they get their IP address from ClearOS DHCP and each IP address they get will need to be added to the proxy bypass. Note that some WiFi devices randomise their MAC addresses these days so they get a different IP address each time they connect to the network. If this is an issue your can ask the users to override this option.

    There is a trick you can pull if you make all your wired devices static or give them static leases outside the DHCP scope. Then you can add your whole DHCP range to the proxy bypass, but to do that it is best to give your DHCP server a proper subnet, e.g, in your case 192.168.0.128/26. To move all your static devices outside this range can be a bit of a pain. From memory you need to stop dnsmasq and then remove the lease from /var/lib/dnsmasq/dnsmasq.leases then assign the static IP in the webconfig or by editing /etc/ethers then restart dnsmasq. You can't do it with dnsmasq running. After that I think you need to release and renew the lease on the client or reboot it.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, August 03 2021, 10:18 PM - #Permalink
    Resolved
    0 votes
    Nick Howitt wrote:

    How is your WiFi NIC connected to your network? Is it a router acting as a WAP? If it is, does your ClearOS LAN connect to the WAP LAN or WAN port?


    Hi Nick, thank you very much for your reply.

    Wi-fi is an Access Point, it has only one network entrance, where I configure the IP and Gateway.
    A cable leaves the modem and goes to the clearos, from another card it leaves the clearos and goes to the switch, and the switch goes to Wi-Fi (access point).

    The whole problem is actually because I changed the modem and this one has no way to configure bridge, it is currently as IPoE and with the DMZ for Clearos.

    Am I having a double nat problem?



    ifconfig | grep '^\S' -A 1
    enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.100.100 netmask 255.255.255.0 broadcast 192.168.100.255
    --
    enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.0.28 netmask 255.255.255.0 broadcast 192.168.0.255
    --
    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0


    cat /etc/clearos/network.conf
    # Network mode
    MODE="gateway"

    # Network interface roles
    EXTIF="enp1s0"
    LANIF="enp3s0"
    DMZIF=""
    HOTIF=""

    # Domain and Internet Hostname
    DEFAULT_DOMAIN="imag.com"
    INTERNET_HOSTNAME="cavallieri.imag.com"

    # Extra LANS
    EXTRALANS=""

    # ISP Maximum Speeds
    ENP1S0_MAX_DOWNSTREAM=0
    ENP1S0_MAX_UPSTREAM=0



    cat /etc/dnsmasq.d/dhcp.conf
    dhcp-option=enp3s0,1,255.255.255.0
    dhcp-option=enp3s0,28,192.168.0.255
    dhcp-option=enp3s0,3,192.168.0.28
    dhcp-option=enp3s0,6,192.168.0.28
    dhcp-range=enp3s0,192.168.0.100,192.168.0.254,24h
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, August 03 2021, 05:41 PM - #Permalink
    Resolved
    0 votes
    How is your WiFi NIC connected to your network? Is it a router acting as a WAP? If it is, does your ClearOS LAN connect to the WAP LAN or WAN port?

    What is the output to
    ifconfig | grep '^\S' -A 1
    cat /etc/clearos/network.conf
    cat /etc/dnsmasq.d/dhcp.conf
    The reply is currently minimized Show
Your Reply