How to Install ‘IPFire’ Free Firewall Linux Distribution

IPFire is one of the high-level flexible firewall with great features such as other firewall’s. IPFire will work as a firewall, VPN gateway, Proxy server, DHCP server, Time server, Caching name server, Wake-On-LAN, DDNS, Open VPN, Monitoring etc..

IPFire Firewall Installation Guide

IPFire Firewall Installation Guide

IPFire is released under GPL license and totally designed to use free. The developers keep the key things as security while the IPFire was build. Since IPFire will connect directly to the internet, due to this, there will be chances for hackers and threats to attack it. To avoid those threats and attacks Pakfire package manager helps administrators to keep the the packages database up-to-date in IPFire.

Basically IPfire was build using a super kernel with various threat, attacks, detect and compromise features and have a rich Graphical interface to use. IPfire have the feature to use samba and vsftpd file services. IPFire supports VDSL, ADSL, SDSL, Ethernet, 4G/3G type of dialups.

We can use IPFire in any kind of Virtual Environments such as KVM, VMware, XEN, Qemu, Microsoft Hyper-v, Oracle virtual box, Proxmox etc. and can be run in ARM Processor build machine’s such as Raspberry pi.

During IPFire installation, the network is configured into various different segments. These segmented security scheme indicates that there is a suitable place for each system in the network and can be enabled separately as per our requirements. Each segment act as a group of machines who share a common security level, which is described in four different colors of zones i.e. Green, Red, Blue, Orange.

  1. Green – This represents we are in a safe area. Client in Green area will be without any restrictions and connected Internal/locally.
  2. Red – This indicates that we are in a danger or the connection to the outside world, nothing will be allowed from firewall unless configured specially by the admins
  3. Blue – This represents the “wireless” network, which is used for local area network.
  4. Orange – This referred to as we are in “DMZ” demilitarized zone. Any servers which are accessible publicly are aparted from the rest of the network to minimize security breaches.

IPFire recently released it’s 2.15 Core update 86 version, which comes with the new graphical user interface that was completely re-designed and comes with massive new functionality.

IPFire Hardware Requirements

  1. Minimum i586 CPU (Intel Pentium 333 MHz).
  2. Minimum 256 MB of RAM, Recommended 512 MB.
  3. Minimum 1 GB of Hard disk Space, Recommended 2 GB, More size will be good.
  4. Minimum 2 Network cards with 1 GB transfer speed.
My Environment Setup
Host name		:	ipfire.tecmintlocal.com
IP address		:	192.168.1.1
Hard disk size		:	4 GB
Ethernet Cards	        :	2 No's

This article covers installation of IPFire with the things that you will need to configure during installation. The installation and configuration procedure will note take more than 10 to 15 minutes depending on the speed of your computer.

Step 1: IPFire Installation

1. Before heading up for the IPFire installation, make sure that your hardware is compatible with IPFire. Next, go the official IPFire Download page and grab the IPFire ISO image as per your requirements. This article covers the installation of IPFire using most popular method CD/DVD.

Alternatively, you can also use USB installation of IPFire, but you need to make your USB media as bootable image using Unetbootin tool.

2. After downloading ISO image, next burn the image to media like CD/DVD or USB and boot the media and choose Install IPFire 2.15 to start the installation.

Choose Install IPFire

Choose Install IPFire

3. Next, choose the Language as respective to your region.

Select IPFire Language

Select Language

4. At this step, you can see that, if you not wish to continue the setup you can Cancel setup and reboot the machine.

IPFire Welcome Screen

IPFire Welcome Screen

5. Accept for the license by pressing Space bar to choose, and press OK to continue.

Select IPFire License

Select IPFire License

6. In this step a warning will be raised as the data in the selected disk will be destroyed if we continue the installation. Choose Yes to get install IPFire and choose OK.

Prepare Disk for IPFire Installation

Prepare Disk for IPFire Installation

7. Next, choose the file system as EXT4 and continue to the future steps.

Select Filesystem Type

Select Filesystem Type

8. Once, you selected filesystem type, the installation begins and disk will be formatted and system files will be get installed.

IPFire Installation

IPFire Installation

9. Once installation completes, press OK to reboot to finalize the installation and continue with the further installation to configure ISDN, networks cards and system passwords.

IPFire Installation Completed

IPFire Installation Completed

10. After system reboot, it will prompt you IPFire boot menu option, select the default option by pressing enter key.

Boot IPFire

Boot IPFire

11. Next, select the type of Keyboard mapping Language from the drop-down list as shown below.

Choose Keyboard Language

Choose Keyboard Language

12. Next, choose the timezone from the list, Here I’ve choose “India” as my timezone region.

Choose IPFire Timezone

Choose IPFire Timezone

13. Choose a host name for our IPFirewall machine. By default it will be ipfire. I’m not going to make any changes in this steps.

Set Hostname

Set Hostname

14. Give a valid domain name, if you have a local DNS server or we can define it later. Here, I am using “tecmintlocal” as my local DNS server domain name.

Set Domain Name

Set Domain Name

15. Enter a password for root user, This will be used for Command-line access. I have used redhat123$ as my password.

Set IPFire root Password

Set IPFire root Password

16. Now here we need to provide a Password for admin user for IPFire GUI web interface. The password must be different from the command line access credentials for security reason’s.

Set IPFire Web Password

Set IPFire Web Password

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Babin Lonston

I'm Working as a System Administrator for last 10 year's with 4 years experience with Linux Distributions, fall in love with text based operating systems.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

15 Responses

  1. Garron says:

    I need some help immediately please, I am trying to setup ipfire in my virtual environment and got to the stage where set-password is required but my keyboard won’t input anything in the field. Is there any special key to use for typing in there?

  2. Johan says:

    Thank you so much!!!!!!

  3. Francis says:

    Nice writeup.

    I’ve been using ipfire as my production firewall appliance for about 5 years. It is very simple yet very powerful.

    I moved to ipfire from ipcop years ago because of the active development and modern kernel. Ipcop was secure and functional but was just kind of stagnating on innovation and moving forward to operate on today’s hardware.

    I’m surprised I don’t see more about ipfire in any the tech sites I visit.

    Thanks for promoting this great tool!

  4. Jadson says:

    I can’t access the web interface after installation.
    I ping the green interface from my notebook and then ping my notebook from the virtualbox with the ipfire and it’s all right.

    My network range is 10.0.0.0 ~ 10.0.0.255
    IPFire range is 10.0.1.0 ~ 10.0.1.10

    I’ve tried access at: https://10.0.1.1:444 it loads for minutes, then it stops.

  5. jeran maglanque says:

    Sir can i know how to add another system administrator in ipfire to avoid in login to root password?

  6. RK SINGH says:

    My Red IP is 133.82.0.4/24 and Green IP is 133.82.0.1/20.
    IPFIRE is running on NAT.
    In above condition 133.82.0.xxx/20 IP address is not working in Green LAN.
    I want to disable the NAT and enable the routing.
    What are the procedure for disable the NAT and enable the routing between green to red.

  7. Deepanjan says:

    yes i have used the port no. i.e. 444 isn’t ?? but didn’t get any web console

  8. Babin says:

    You have two Ethernet cards ? Everything okay, Have you used the port number to access the Web UI ?

  9. Deepanjan says:

    Hi Babin,

    i am unable to get the web interface i have chosen GREEN+RED

    my current network design is

    Internet (ISP)–> Modem–> Ipfire
    Red= wan=192.168.1.5 via dhcp from internet modem/router
    Green=lan=192.168.100.8 static lan

    please help to get the web interface

    • Babin says:

      @Deepanjan You have two Ethernet cards ? Everything okay, Have you used the port number to access the Web UI ?

      • Deepanjan says:

        Yes I’v entered “https://192.168.100.8:444/” in the client browser. The IP is pinging from client machine and Service Scan on this IP reveiled “3 services running; 53:domain; 81:host2-ns; 444:snpp”.

        • Could you please give me the Network range of your Desktop? 192.168.1.0.x or 192.168.1.x? Or else? What is your Desktop IP range and have you tried by routing to 192.168.100.0 ?

          My desktop ip 192.168.0.254, network range is 192.168.0.0 but my ipfire range was 192.168.1.0 i have routed to 192.168.1.0 using:

          $ sudo route add default gw 192.168.0.254 eth0
          $ sudo route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.0.254 eth0
          
          This will allow us to access web UI in 192.168.1.1.

Leave a Reply to Babin Lonston Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.