2.6.4. Address Filter Administrative Web Page

This section allows you to configure a Wireless Access Point on the Blue network connected to IPCop. This is 100% optional, so you may safely ignore this section if you do not wish to make use of this feature.

Note

This page will only be visible if you have installed and configured a Blue network interface card.

2.6.4.1. Setup

To setup Address Filter do the following:

  1. Use a supported Ethernet card to setup the Blue interface.

  2. Connect an Access Point to that Ethernet card. (Use the LAN Ethernet port on the AP, if you have a choice of ports).

  3. You can use DHCP to serve dynamic or fixed addresses on Blue, although fixed is preferred for security of MAC addresses. Refer to the DHCP Server section for more information on configuring fixed leases.

If you only need to provide access for http traffic on the Blue network to the Internet (Red network), just add the IP Address or the MAC Address of the Wireless Router, or the individual wireless connected devices if you are using an Access Point, via the web page shown below. You have to enter at least one MAC or one IP Address per device. Optionally, you can enter both MAC and IP Address for a device.

An Access Point behaves like an Ethernet hub, and IPCop serves out DHCP leases through it to wireless devices. A Wireless Router does NAT, serves out DHCP on it's own subnet, and has it's own access controls.

Note

Your Access Point must support DHCP passthrough if you want IPCop to serve DHCP leases through it to your Wireless Network. Not all devices support this feature in Access Point “mode” (Netgear WG614, for instance).

You will be able to view IPCop's web interface from a computer on the Blue network, but you will not be able to connect to the Green network without some additional work.

To connect to the Green network from the Blue network, you have to either:

  1. Use the Firewall Rules page and create Internal Traffic rules to shoot bullet holes through the Blue interface for your services, or:

  2. Setup a VPN for your road-warriors on Blue to provide access.

2.6.4.2. Adding a device

In the Add Device section you input the IP Address or the MAC Address of a wireless Access Point, or any device on the Blue network that you want to connect to the Internet through IPCop.

Figure 2.43. Add device

Add device section

IP Address (optional).  You have to enter at least one IP or one MAC Address per device, or both.

If you use DHCP on the Blue Network, and want to allow any device to connect and access the Red Network, you must add an entry for every IP address in your DHCP range to this list. Leave the MAC Address field empty when adding each IP Address.

MAC Address (optional).  Conversely, if you want to restrict access to known devices, add the MAC address of each device, and leave the IP Address field empty. That will allow listed devices to connect regardless of the DHCP lease they receive.

Remark (optional).  If you want, you can include a string of text to describe or identify the device.

Add.  Once you have entered all the information, press the Add button. This will move the entry to the next section, and list it as enabled.

2.6.4.3. Current devices

The Devices on Blue section lists the current entries.

Figure 2.44. Devices on Blue

Devices on Blue section

To remove an entry, click the Trash Can icon. To edit one, click the Yellow Pencil icon.

To enable or disable a device - click on the checkbox in the Action column for the particular machine you want to enable or disable. The icon changes to an empty box when a device is disabled. Click on the checkbox to enable it again.

If the DHCP server is enabled for the Blue network, the Current DHCP leases on Blue section will be displayed.

Figure 2.45. Current DHCP leases on Blue

Current DHCP leases on Blue section

There is a quick way of adding machines to the device list. You just have to click on the Blue Pencil Plus icon for a device to be added to the list of enabled devices.

You can then edit the entry, if necessary, by clicking the Yellow Pencil icon, as before.

2.6.4.4. Open Access Point

If you don't need or want to control who connects to the Internet (Red network) through your Blue access point, so any wireless device can join the Blue network:

  1. Enable DHCP on Blue.

  2. Disable Address Filter control in the Firewall Interface Policy section.

You don't need to add individual devices or individual addresses when Address Filter control is turned off.