For all install media IPCop will automatically continue with its installation, by setting up its initial configuration.
Many people leave the time zone as London or UTC. This allows you to leave your PC's hardware clock set to the local time. There is a disadvantage to this setting. If your local time zone changes from Winter to Summer or Daylight Savings to Standard time, you will have to remember to manually change the IPCop PC's clock. If you set the time zone to your correct time zone, IPCop will automatically change the time for you.
The default of “ipcop” is fine. You may want to change this if you are planning on setting up a VPN and allowing administration across your VPN. In this case you may want to give each IPCop machine a unique hostname, such as ipcop1, ipcop2, millie, steve, bob, etc.
The next screen starts a series of dialogs that will help you set up your ISDN card. If you do not have an ISDN card, select Disable ISDN, and setup will continue with USB ADSL modem setup.
IPCop will probe for the card type, if you select AUTODETECT. If necessary, you can manually select the card you have.
If you do not have one, select Disable USB ADSL and setup will continue with your network configuration, below.
The RED interface is considered the hostile network and can connect via Ethernet, ISDN, analog or ADSL modem. This dialog lets you choose your network configuration type.
When you select Ok, you will be returned to the Network Configuration Menu, above. Tab to the Drivers and card assignments line, select it and press the Enter key.
If your RED interface uses an Ethernet connection, configuration is identical to the way you configured your GREEN interface, above.
If your RED interface does not use an Ethernet connection, skip to the discussion about configuring your ORANGE network interface.
After configuring your Ethernet card and driver information for the RED interface, return to the Network Configuration Menu by selecting the Done button.
Static addressing is used when your ISP has supplied you with a permanent IP address. Enter it in the IP address box of the dialog. IPCop will automatically choose a Network mask. You may modify the network mask as needed.
DHCP is used when your ISP has indicated you are to use automatic addressing.
Some ISP's, require you to provide a hostname to their DHCP server. This probably is not IPCop's hostname. If it's needed, you can probably use the first part of the fully qualified domain name you noted while gathering the network parameters, above.
If your connection is via PPPOE, your ISP will supply all necessary information during the initial connection, so you won't have to do anything, after selecting it.
If your connection is via PPTP, you will have to supply your RED network IP address and Network mask, just like the static addressing case. This address is almost always 10.0.0.150 with a network mask of 255.255.255.0.
You can even reconfigure your GREEN interface at this time, by selecting it from the interface menu.
When you are done, select the Ok button, to return to the Network Configuration Menu.
You can delay setting up IPCop's DHCP server until after the installation completes. See the Administration Manual for a description of the web based method of enabling and configuring the DHCP server.
You must select Enabled to enable the DHCP server.
The Start and End addresses define a range of addresses that IPCop's DHCP server will assign to computers when they ask for an address. Do not use your full network range for DHCP. At a minimum leave out IPCop's address. As a practical matter, at some future point in time you may wish to run servers that are only accessible from within your GREEN network. Whether they run FTP servers, web servers, sendmail or any other service that needs a permanent address. These servers should be assigned IP addresses outside the dynamic DHCP range. A good range might be from 192.168.1.200 to 192.168.1.250. This will allow 51 concurrently connected computers on your GREEN network.
DHCP will pass out one or two DNS server addresses in addition to IP addresses. If you wish to run IPCop's DNS proxy, the first should be IPCop's IP address. You can enter a second DNS address as well. If you do not want to use IPCop's DNS proxy and are using Static IP addresses, use the DNS servers you specified while setting up your RED interface.
DHCP works by passing out leases on dynamic addresses that expire after a certain amount of time. Default lease time specifies the default lease time in minutes that DHCP will offer. After the default lease time, the client computer will attempt to ask for a new lease time for its acquired address. When the maximum lease time has expired, the client computer is no longer allowed to ask for the acquired IP address, but the server may still pass out a lease on the acquired address.
Finally, the Domain name suffix allows you to specify a suffix that is automatically appended to DNS requests if the initial name can't be found. Many ISPs set up a domain name suffix, and then tell users to enter “mail”, “news”, or “www” to get to services. What really happens under the hood is that a DNS request is sent out for “mail” first. When the DNS servers indicate that they don't know an IP address for mail, the next request is sent out with the domain name suffix appended, i.e. “mail.xxx.yyy.zzz.com” To make life easier, you may wish to add this suffix in the Domain name suffix line.
Unfortunately, space does not permit enough room on this line for some domain name suffixes. Please check the Administration Manual for another way to specify the suffix, which allows for a virtually unlimited length domain name suffix.
When you are done with the DHCP server configuration select the Ok button.
If you are familiar with Linux you may wish to do maintenance on IPCop. There are only two Linux user ids that are allowed to log on to the firewall root and setup. Enter the root password twice. Be careful, the root userid has the “keys to the kingdom” of your firewall. If someone gets its password they can cause all sorts of mischief. By default root is only allowed to log in via the console, though.
This user id will immediately start running the setup command. When the setup command completes the user will be logged out. Again, be careful of this password. The setup user and command are very powerful.
The IPCop web pages will prompt you for this user ID and password when you use the IPCop web pages to administer IPCop. Unlike root and setup user passwords, web browsers do not handle special characters in passwords very well. Limit your admin password to upper lower case alphanumeric characters.
You've completed your IPCop installation. Press Ok to reboot. After reboot is complete, you will undoubtedly need to perform some administrative tasks to complete you setup. For a complete description of how to administer IPCop, please check the Administration Manual.