How to Install and Configure IPFire Firewall

IPFire is an open source firewall distribution. It can be used as a firewall, a proxy server or a VPN gateway.It has following features.

  • Easily configurable
  • Support true random generator
  • High availability
  • Hardware accelerator for cryptography algorithm (AES-NI)

IPFire is forked from IPCop and Endian firewall distro's. Installation and basic configuration of firewall is given in following section.


In this tutorial, IPfire firewall will be installed on the VM, created on the Virtual Box software. The detail of our VM is given below.

VM details

After clicking on start button, following window appears for IPfire installation.

installation using iso

Press "Enter" button to start installation procedure.  Select the desired language from the given list.

language selection

Press "Enter" button to start installation and accept GPL license.

start installation

GPL license acceptance is shown following.

accept gpl lincese

After GPL license acceptance, windows appear for the partition of  hard disk and filesystem. Ext4 file system is selected in this installation of IPfire.

disk setup

File system selection is shown below.

file system selection

IPfire installation progress is shown in the below figure.

installation of the system

IPfire firewall successfully  installed on the VM.

successfully installed


After reboot, basic configuration of IPfire firewall will be done. First of all, keyboard layout and time zone  are selected.

keyboard selection
time zone

Host name and local domain setting for IPfire firewall.

setting hostname
setting local domain

Password setting for root user which is used for CLI access of IPfire.

setting root user password

Password setting for admin user which is used for web access of IPfire.

admin user setting

Network configuration of IPfire is shown below. As shown in the figure that the default network configuration is GREEN & RED zones . However, it supports BLUE and ORANGE zones as well

networking creation greenandred

IPfire supported zones are shown in the following figure.

networking configuration types

In a standard IPfire  firewall installation, Green + Red means 2 Networks. Green network for home or LAN side and  Red network for  internet/external connection.

Usage of each zone is given in the following table.


Assignment of available NICs to GREEN and RED zone is shown in the following snapshots.

GREEN zone

assinging cards

RED zone

red selection

Interfaces assigned to both GREEN and RED zones are shown in the below figure.

card selected

IP address setting for GREEN zone is shown below.

address selection on green

Assigned IP address and net mask is following IP = , Net mask =

ip address on green

IP address setting for RED zone is shown below.

red ip address setting

Assigned Static IP address and net mask are  following.  However, DHCP and PPP DIALUP (PPPoE) modes are also supported on RED interface for IP assignment.

IP = , Net mask =

red ip address

DNS and Gateway setting for  RED interface are shown in the following snapshot.

dns and gateway setting

DHCP configuration on the GREEN interface for automatic IP assignment is given below.

dhcp server on green side configuraiton

After DHCP configuration, basic setting of IPfire are complete.

coplete setup

IPfire will reboot to apply changes and gives CLI access to user "root".

setup complete and restarting

To access CLI , enter password for user "root".

cli login
root login

Web Access of IPfire is required for further configuration. It is also used to configure firewall rules, snort configuration and VPN setting etc.

Enter IP address of GREEN interface along port 444 for web interface access. All web browsers gives exception due to untrusted certificates. Therefore accept the exception  to view the web pages.

web interface access
accept exception

Enter password for "admin" user to access the pages.

web access cred

After correct username and password, following main dashboard appears, which shows the network configuration (IP addresses on RED and GREEN zones).

main dashboard

IPFire Menu


This menu is used for basic setting of the  IPFire machine such as enabling ssh access, backup and setting web access password etc. System sub menu is shown in the following figure.

system menu


In this menu, firewall administrator view the status of system resources such as RAM & CPU, internal and external network, entropy for TRNG and statistics for VPN's.



As shown in the following figure that network settings such as static routing, webproxy, url filtering and wake on Lan etc is available under this menu

network menu


Services such as VPN which include IPsec & OpenVPN , intrusion detection, QoS , time server etc  are listed under this menu.



Main feature of IPFire distribution is providing firewall feature. Administrator or user  uses this menu to push  iptables rules on back end.



Pakfire is used to install Addons/packages on the IPFire machine for more feature.



As shown in the following figure that, logs of services such has IDS, firewall, proxy  and system can be view from Logs menu.



In this article, our focus was installation and configuration of another open source firewall, IPFire. It is forked from well-known open source firewalls IPCop and Endian. It provides high availability, usage of TRNG and AES-NI features.

3 Comments... add one

  1. Having issues with the setup, hope you can help ...
    VirtualBox setup is nic1=bridged nic2=internal network (like yours) my local net is 10.* Installed v2.19-core120.
    I configure red as DHCP and get (good) I configure green as
    then I try ... problem loading page, connection timeout.


Leave a Comment