As of version 1.97 of the Gold:
Tips For Installing Gold
- If you are installing the Gold in router mode, make sure your phone is connected to the internet, either through wifi (that still works) or LTE/4G.
- If you are working with a modem/router, you may need to reboot that unit after unplugging your old router. (Example, Comcast, Virgin)
How do I change the DNS server?
The DNS server can be changed on the LAN segment only.
Network->[tap on the top right edit]->tap on any segment->tap on primary/secondary DNS, you should be able to edit it.
How do I do port forwarding?
You can either go to Network Manager -> NAT settings -> Port forwarding, or Device Detail -> Ports to add Port forwarding.
How do I reserve IP for devices?
On Device List, select the device you'd like to reserve IP Address for, scroll down to locate the IP Address, tap on it. You can switch the IP Allocation method among Dynamic, Reserved, Do Not Allocate.
Select Reserved, tap on the IP address, then you can edit and reserve the IP Address for this device.
Why does the Gold feel hot?
The Gold is passively cooled, please place the unit in a well-vented area. From our manufacture "the surface temperature will reach 60°C / 140°F when the room temperature is 31°C / 88°F and all CPU cores are 100% loaded". The unit may get hot/warm to the touch. (The Aluminum case conducts heat well, so it will feel hotter when you touch it)
How Do I configure Segment?
In order to configure a segment, you will need to tap on the "Edit" button
Tap on Network button
Tap on the top right edit button
Tap on the Segment
[configure]
Make sure you "Save" top right button when done
How to configure Firewalla Gold DHCP mode overlay network?
Firewalla Gold in DHCP mode automatically sets the overlay network as same as the network managed by the router. And currently, we don't offer any option to change that.
Having problems bringing up the WAN interface in the Gold?
- If you are using PPPoE, please check the user name and password used.
- If you have an ISP that does MAC address binding, try to reboot the ISP modem/router first before bring up the WAN interface. (Comcast is like this)
- If there is extra pairing of MAC address, see if this help (contributed by one of our users) https://help.firewalla.com/hc/en-us/community/posts/360048836074-AT-T-Fiber-with-Arris-BGW210-to-Firewalla
Gold with Pi-hole or local DNS server
Assuming you have DNS set as pi-hole for this network on Gold
If client DNS is set to pi-hole's IP address
Since client and pi-hole are in the same network, DNS traffic is directly sent to pi-hole and will not go through layer 3 (IP layer) of Gold. Therefore, DNS interception on Gold will not take effect and DNS-based features will not work.
If client DNS is set to Gold's LAN IP
DNS traffic from the client will first be sent to Gold. All DNS based features will work and if DNS cache is not hit on Gold, it will be further forwarded to pi-hole in the local network for resolution.
Don't want to set all client's DNS settings?
Here is an alternative way to make domain block work with pi-hole in the network:
-
Create another local network segment on Gold
-
Move the pi-hole to the newly created network
-
Change the DNS server in the old network's DHCP options to the new IP address of pi-hole
This way, all DNS traffic from local devices to pi-hole will go through Gold and DNS-based features will work properly.
Comments
8 comments
Um ...
just purchased firewalla gold. it will be installed in an uninsulated attic, subject to temperature ranges of 0 degrees F to 100 degrees F. I cannot find the specifications for operating temperatures for the GOLD model.
Where can I find the ambient temperature specifications for this model? I searched everywhere in the website.
many thanks
The Gold Operating Temperature : 0°C ~ 50°C with airflow
We will include this in the product specs.
For the PiHole instructions at the bottom, does it have to be setup as a separate segment that takes up a physical ethernet port? Or can it be setup as a VLAN on an existing segment?
Hi
still not sure why missing IPv6 for pppoe is "a know fact" instead of a problem, this is the major problem with this firewall.
I am not recommending it or using it right now because of the missing IPv6 support, i complained about this before, but for half a year now nothing happened.
Why is there no IPv6 on pppoe ? do you think IPv6 is not important enough ? Believe me, it is.
I am really disappointed about this
Regards
Soeren
@soeren. IPv6 with PPPoE is already supported in 1.971; We forgot to update this page.
Please give it a try.
This guide needs updating. The port forwarding section doesn't match the app.
"Network Manager -> WAN Connection -> Port forwarding" doesn't exist in the current version of the app (or at least the Android app).
Yeah, it should be Network Manager --> NAT settings --> Port Fowarding
Please sign in to leave a comment.