Link to home
Start Free TrialLog in
Avatar of jim34
jim34Flag for United States of America

asked on

How can I change default gateway for IPCop

I have an IPCop Server that I need to change the default gateway for. We need to switch the IP address for getting to the internet from 71.113.x.x (DSL) to 75.111.x.x (Comcast Cable) and increase our bandwidth.

I did not install this server and know little to nothing about IPCop, but it looks like eth0 on the server, which I do have root access to, is the interface that everything is going out. Eth0's IP address is the 71.113.x.x when I do an ifconfig eth0 as root (which is the static IP address from Verizon). I recently added a Comcast connection coming into our network and is connected to a firewall which I've got a VLAN set up on so everything from the network with IPCop goes out to a private IP address of (default gateway) on the Firewall and is sent to the 75.111.x.x Comcast cable internet, which has 8x the bandwidth as the DSL.

I've changed all the default gateways on each of the clients to and when IPCop is turned off in Internet Explorer I go right out the correct interface on the firewall and it works correctly. Problem is, this is a school and I need to have a web filter running. When IPCop is turned on, on the client, IPCop sends everything through the 71.113.x.x DSL connection and its much slower.

Can I do this through the GUI Admin portion? I can't find where I can do it there.

So the problem is knowing how to change IPCop so it goes out the new internet connection so I can use the bandwidth until I get better web filtering solution. Any help would be appreciated. I can't turn off the DSL and stop paying for it until everything goes out the Comcast connection.
Avatar of Fidelius
Flag of Croatia image

Please post output of route -n or netstat -rn from IPCop server. Also ifconfig output will be useful.
Avatar of Pierre François
Pierre François
Flag of Belgium image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Did it work?
Avatar of jim34


Thanks pfrancois and fidelios. I'll try to see if I can try this today. My problem with having this going fast is I'm actually a volunteer on the Technology Committee for my daughter's grade school (which is who this is for) and don't have physical access to any of this until I get off work and work it out with the grade school's tech coordinator to hook up and try these things. I do have an admin password, but don't have a key to get into the server room where all this is located.

I run a high school and we don't have IPCop which is why I need the help. We're actually trying to hunt down the volunteer parent who set this up, and finally got a name and an email address for him over the weekend.

The eth0 interface says 71.113.x.x (DSL). Shouldn't we change that to the new IP address of 75.111.x.x or does it even matter as long as the default gateway is set to 75.111.x.x and everything goes out there? Hopefully I can get over there to change the default gateway today and see if that works.

You don't need to have physical access to the machine running IPCop: it is enough for you to login into that machine with any ssh-client.

Be aware you need to have 2 passwords: one for admin (web interface) and one for root (ssh command line interface), depending on what you want to do.

For understanding your third paragraph, I need more explanation: a small sketch of the wiring with IP addresses of the RED network, i.e. the modems and all the stuff between IPCop and the Internet, would be very useful.
Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
@Fidelius: you agree with me we need some clarification about the wiring scheme. I am not sure which gateway jim34 is speaking about: the gateway for IPCop itself to get on the Internet, or the gateway IPCop is giving to the computers of the LAN by the DHCP server to get connected to IPCop. I think there is a confusion amongst both. In the same way, from his explanation, I am not able to figure out if 192.168.1.x is the GREEN network or the RED network.

Anyway, the IP range you propose for the RED subnet (between IPCop and the router connected to the Internet) affects eth1, not eth0.

Best regards.
@pfrancois: I agree we need more info, and complete picture.

My assumptions for IP address were based on info that eth0 has 71.113.x.x (DSL) from original post. So that must be RED interface.
Also, if jim34 put on all clients as default gateway, all client must be on network. I'm almost certan that GREEN interface has IP
@jim34: Jim please confirm that assumption.

So at the end, internal network should stay the same as it was with DSL line, he needs only to change RED interface parameters (IP address, mask, default gateway) to comply with new configuration.

To be on safe side, we definitely need more clarifications from jim34.

Avatar of jim34


Thanks for the time you've spent on this, but I went ahead and bypassed IPCop completely and took it out. The new comcast internet connection was put on a Fortinet 80c firewall. I went ahead and got a admin password from the people who installed it and set up a web filtering profile on the vlan with the grade school on it yesterday. I turned off the GPO setting the proxy in IE and restarted the machines. This took IPCop completely out of the picture and we're good to go.

I'd love to give you points for the time you put in, but I'm not sure if I can. Please let me know and any points I can award I'll split between Fidelious and pfrancois.
Since the answer of your initial question is here above (ssh login and run setup), I should give points... :D