Saturday, 17 December 2016

How to Install and Configure IPFire Firewall

IP Fire is an open source firewall distribution. It can be used as a firewall, a proxy server or a VPN gateway.It has following features.

  • Easily configurable
  • Support true random generator
  • High availability
  • Hardware accelerator for cryptography algorithm (AES-NI)
IPFire is forked from IPCop and Endian firewall distro's. Installation and basic configuration of firewall is given in following section.

Installation

In this tutorial, IPfire firewall will be installed on the VM, created on the Virtual Box software. The detail of our VM is given below.
VM details
After clicking on start button, following window appears for IPfire installation.
installation using iso
Press "Enter" button to start installation procedure.  Select the desired language from the given list.
language selection
Press "Enter" button to start installation and accept GPL license.
start installation
GPL license acceptance is shown following.
accept gpl lincese
After GPL license acceptance, windows appear for the partition of  hard disk and filesystem. Ext4 file system is selected in this installation of IPfire.
disk setup
File system selection is shown below.
file system selection
IPfire installation progress is shown in the below figure.
installation of the system
IPfire firewall successfully  installed on the VM.
successfully installed

Configuration

After reboot, basic configuration of IPfire firewall will be done. First of all, keyboard layout and time zone  are selected.
keyboard selection
time zone
Host name and local domain setting for IPfire firewall.
setting hostname
setting local domainPassword setting for root user which is used for CLI access of IPfire.
setting root user password
Password setting for admin user which is used for web access of IPfire.
admin user setting
Network configuration of IPfire is shown below. As shown in the figure that the default network configuration isGREEN RED zones . However, it supports BLUE and ORANGE zones as well
networking creation greenandred
IPfire supported zones are shown in the following figure.
networking configuration types
In a standard IPfire  firewall installation, Green Red means 2 Networks. Green network for home or LAN side and  Red network for  internet/external connection.
Usage of each zone is given in the following table.
zone
Assignment of available NICs to GREEN and RED zone is shown in the following snapshots.
GREEN zone
assinging cards
RED zone
red selection
Interfaces assigned to both GREEN and RED zones are shown in the below figure.
card selected
IP address setting for GREEN zone is shown below.
address selection on green
Assigned IP address and net mask is following IP = 192.168.1.115 , Net mask = 255.255.255.0
 ip address on green
IP address setting for RED zone is shown below.
red ip address setting
Assigned Static IP address and net mask are  following.  However, DHCP and PPP DIALUP (PPPoE) modes are also supported on RED interface for IP assignment.
IP = 192.168.100.1 , Net mask = 255.255.255.0
red ip address
DNS and Gateway setting for  RED interface are shown in the following snapshot.
dns and gateway setting
DHCP configuration on the GREEN interface for automatic IP assignment is given below.
dhcp server on green side configuraiton
After DHCP configuration, basic setting of IPfire are complete.
coplete setup
IPfire will reboot to apply changes and gives CLI access to user "root".
setup complete and restarting
To access CLI , enter password for user "root".
cli login
root login
Web Access of IPfire is required for further configuration. It is also used to configure firewall rules, snort configuration and VPN setting etc.
Enter IP address of GREEN interface along port 444 for web interface access. All web browsers gives exception due to untrusted certificates. Therefore accept the exception  to view the web pages.
web interface access
accept exception
Enter password for "admin" user to access the pages.
web access cred
After correct username and password, following main dashboard appears, which shows the network configuration (IP addresses on RED and GREEN zones).
main dashboard

IPFire Menu

System

This menu is used for basic setting of the  IPFire machine such as enabling ssh access, backup and setting web access password etc. System sub menu is shown in the following figure.
system menu

Status

In this menu, firewall administrator view the status of system resources such as RAM & CPU, internal and external network, entropy for TRNG and statistics for VPN's.
status

Network

As shown in the following figure that network settings such as static routing, webproxy, url filtering and wake on Lan etc is available under this menu
network menu

Services

Services such as VPN which include IPsec & OpenVPN , intrusion detection, QoS , time server etc  are listed under this menu.
services

Firewall

Main feature of IPFire distribution is providing firewall feature. Administrator or user  uses this menu to push  iptables rules on back end.
firewall

IPFire

Pakfire is used to install Addons/packages on the IPFire machine for more feature.
ipfire

Logs

As shown in the following figure that, logs of services such has IDS, firewall, proxy  and system can be view from Logs menu.
logs

Conclusion

In this article, our focus was installation and configuration of another open source firewall, IPFire. It is forked from well-known open source firewalls IPCop and Endian. It provides high availability, usage of TRNG and AES-NI features.