How can I change default gateway for IPCop

I have an IPCop Server that I need to change the default gateway for. We need to switch the IP address for getting to the internet from 71.113.x.x (DSL) to 75.111.x.x (Comcast Cable) and increase our bandwidth.

I did not install this server and know little to nothing about IPCop, but it looks like eth0 on the server, which I do have root access to, is the interface that everything is going out. Eth0's IP address is the 71.113.x.x when I do an ifconfig eth0 as root (which is the static IP address from Verizon). I recently added a Comcast connection coming into our network and is connected to a firewall which I've got a VLAN set up on so everything from the network with IPCop goes out to a private IP address of (default gateway) on the Firewall and is sent to the 75.111.x.x Comcast cable internet, which has 8x the bandwidth as the DSL.

I've changed all the default gateways on each of the clients to and when IPCop is turned off in Internet Explorer I go right out the correct interface on the firewall and it works correctly. Problem is, this is a school and I need to have a web filter running. When IPCop is turned on, on the client, IPCop sends everything through the 71.113.x.x DSL connection and its much slower.

Can I do this through the GUI Admin portion? I can't find where I can do it there.

So the problem is knowing how to change IPCop so it goes out the new internet connection so I can use the bandwidth until I get better web filtering solution. Any help would be appreciated. I can't turn off the DSL and stop paying for it until everything goes out the Comcast connection.
Who is Participating?
Pierre FrançoisConnect With a Mentor Senior consultantCommented:
Regarding the network interfaces: eth0 (GREEN) is the LAN side, and eth1 (RED) is the WAN side of IPCop. See <>.

You can't do your changes through the webinterface. You will have to login into a root shell on IPCop for getting a character oriented GUI.

So, for changing the gateway, you login into your IPCop:
ssh -p 222 -l root

Open in new window

And you run the setup utility:

Open in new window

Go to Networking > DNS and gateway settings > Default gateway.

That's it.
Please post output of route -n or netstat -rn from IPCop server. Also ifconfig output will be useful.
Pierre FrançoisSenior consultantCommented:
Did it work?
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

jim34Author Commented:
Thanks pfrancois and fidelios. I'll try to see if I can try this today. My problem with having this going fast is I'm actually a volunteer on the Technology Committee for my daughter's grade school (which is who this is for) and don't have physical access to any of this until I get off work and work it out with the grade school's tech coordinator to hook up and try these things. I do have an admin password, but don't have a key to get into the server room where all this is located.

I run a high school and we don't have IPCop which is why I need the help. We're actually trying to hunt down the volunteer parent who set this up, and finally got a name and an email address for him over the weekend.

The eth0 interface says 71.113.x.x (DSL). Shouldn't we change that to the new IP address of 75.111.x.x or does it even matter as long as the default gateway is set to 75.111.x.x and everything goes out there? Hopefully I can get over there to change the default gateway today and see if that works.

Pierre FrançoisSenior consultantCommented:
You don't need to have physical access to the machine running IPCop: it is enough for you to login into that machine with any ssh-client.

Be aware you need to have 2 passwords: one for admin (web interface) and one for root (ssh command line interface), depending on what you want to do.

For understanding your third paragraph, I need more explanation: a small sketch of the wiring with IP addresses of the RED network, i.e. the modems and all the stuff between IPCop and the Internet, would be very useful.
FideliusConnect With a Mentor Commented:

If I got it correctly, before Comcast cable, link from Verizon DSL router was directly connected to IPCop server, and IPCop GREEN interface was default gateway for all PC's, as the switch on wich all hosts are connected was directly connected to IPCop.

Now you added in between, Comcast cable modem and IPCop server, firewall. Also, I assume GREEN interface on IPCop server is from 192.168.1.x subnet, and the switch on which all PC hosts are connected is directly conected to firewall and to IPCop GREEN interface.

If all my assumptions are correct, what you need to do is as follows:
1. Change IP address between IPCop an firewall to for example 192.168.100.x, and give IPCop eth0 address from that range.
2. Disconnect host switch from firewall, and connect it to GREEN interface on IPCop server
3. Change default IP address on all hosts to IP of IPCop's GREEN interface

If I got something wrong, please provide network topology you had before, and one you are trying to achieve. Thanks!

Pierre FrançoisSenior consultantCommented:
@Fidelius: you agree with me we need some clarification about the wiring scheme. I am not sure which gateway jim34 is speaking about: the gateway for IPCop itself to get on the Internet, or the gateway IPCop is giving to the computers of the LAN by the DHCP server to get connected to IPCop. I think there is a confusion amongst both. In the same way, from his explanation, I am not able to figure out if 192.168.1.x is the GREEN network or the RED network.

Anyway, the IP range you propose for the RED subnet (between IPCop and the router connected to the Internet) affects eth1, not eth0.

Best regards.
@pfrancois: I agree we need more info, and complete picture.

My assumptions for IP address were based on info that eth0 has 71.113.x.x (DSL) from original post. So that must be RED interface.
Also, if jim34 put on all clients as default gateway, all client must be on network. I'm almost certan that GREEN interface has IP
@jim34: Jim please confirm that assumption.

So at the end, internal network should stay the same as it was with DSL line, he needs only to change RED interface parameters (IP address, mask, default gateway) to comply with new configuration.

To be on safe side, we definitely need more clarifications from jim34.

jim34Author Commented:
Thanks for the time you've spent on this, but I went ahead and bypassed IPCop completely and took it out. The new comcast internet connection was put on a Fortinet 80c firewall. I went ahead and got a admin password from the people who installed it and set up a web filtering profile on the vlan with the grade school on it yesterday. I turned off the GPO setting the proxy in IE and restarted the machines. This took IPCop completely out of the picture and we're good to go.

I'd love to give you points for the time you put in, but I'm not sure if I can. Please let me know and any points I can award I'll split between Fidelious and pfrancois.
Pierre FrançoisSenior consultantCommented:
Since the answer of your initial question is here above (ssh login and run setup), I should give points... :D
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.