Tutorial: How to setup Firewalla Box with a static IP Address through command line

This guide is in Beta, and for advanced users only.   This Guide is for Red/Blue users only. 

Firewalla by design requires DHCP on the first boot.  In certain situations, you may want to assign static IP to your system.  This small document will provide some directions.   

If you want to install Firewalla in a network that doesn't have DHCP service enabled, you can follow the instructions below to set a static IP address for Firewalla Box.

Assume you are using your PC for network configuration.  And your firewalla have not been paired before. 

Step 1: Connect Firewalla Box to a temporary network that has DHCP service enabled, and connect your PC to the same network as Firewalla Box. (You will reconnect Firewalla back to the original network after static IP address is configured)

Step 2: Manually change your laptop's IP address to 192.168.218.2 with netmask 255.255.255.0

* External References:

• How to setup a static IP address in Mac OSX?
• How to setup a static IP address in Windows?

Step 3: ssh pi@192.168.218.1, password: Please Get it here 

(Firewalla Box has a hard coded IP address 192.168.218.1, which you can use to connect for setup even when DHCP service is not available.)

Step 4: Open file /etc/network/interfaces, find text "iface eth0 inet dhcp", change it to "iface eth0 inet static", and add the following text after that, replace <ip>, <netmask>, <gateway>, <dns server> with the ones that you want to configure, save and exit editor

iface eth0 inet static
    address <ip>
    netmask <netmask>
    gateway <gateway>
    dns-nameservers <dns servers>

Here is an example for reference:

iface eth0 inet static
    address 192.168.86.227
    netmask 255.255.255.0
    gateway 192.168.86.1
    dns-nameservers 192.168.86.1

 Note: This static network configuration is for the original network.

Step 5: Disable dnsmasq in NetworkManager. Open file /etc/NetworkManager/NetworkManager.conf, and comment out this line: dns=dnsmasq 

The file will look like

[main]
plugins=ifupdown,keyfile,ofono
#dns=dnsmasq

[ifupdown]
managed=true

save and exit text editor when done editing

Step 6: Unplug Firewalla and reconnect Firewalla back to the original network, also connect your PC to the original network, and ssh Firewalla with the new configured static IP address. 

ssh pi@<new_firewalla_ip>

run this command to list network details:

pi@Firewalla:~ (Walla) $ nmcli device show eth0
...
IP4.ADDRESS[1]: 192.168.86.227/24
IP4.ADDRESS[2]: 192.168.218.1/24
IP4.GATEWAY: 192.168.86.1
IP4.ROUTE[1]: dst = 169.254.0.0/16, nh = 0.0.0.0, mt = 1000
IP4.DNS[1]: 192.168.86.1
...