As of version 1.97 of the Gold:
Tips For Installing Gold
- If you are installing the Gold in router mode, make sure your phone is connected to the internet, either through wifi (that still works) or LTE/4G.
- If you are working with a modem/router, you may need to reboot that unit after unplugging your old router. (Example, Comcast, Virgin)
How do I change the DNS server?
The DNS server can be changed on the LAN segment only.
Network->[tap on the top right edit]->tap on any segment->tap on primary/secondary DNS, you should be able to edit it.
How do I do port forwarding?
You can either go to Network Manager -> WAN Connection -> Port forwarding, or Device Detail -> Ports to add Port forwarding.
How do I reserve IP for devices?
On Device List, select the device you'd like to reserve IP Address for, scroll down to locate the IP Address, tap on it. You can switch the IP Allocation method among Dynamic, Reserved, Do Not Allocate.
Select Reserved, tap on the IP address, then you can edit and reserve the IP Address for this device.
Why does the Gold feel hot?
The Gold is passively cooled, please place the unit in a well-vented area. From our manufacture "the surface temperature will reach 60°C / 140°F when the room temperature is 31°C / 88°F and all CPU cores are 100% loaded". The unit may get hot/warm to the touch. (The Aluminum case conducts heat well, so it will feel hotter when you touch it)
How Do I configure Segment?
In order to configure a segment, you will need to tap on the "Edit" button
Tap on Network button
Tap on the top right edit button
Tap on the Segment
Make sure you "Save" top right button when done
How to configure Firewalla Gold DHCP mode overlay network?
Firewalla Gold in DHCP mode automatically sets the overlay network as same as the network managed by the router. And currently, we don't offer any option to change that.
Having problems bringing up the WAN interface in the Gold?
- If you are using PPPoE, please check the user name and password used.
- If you have an ISP that does MAC address binding, try to reboot the ISP modem/router first before bring up the WAN interface. (Comcast is like this)
- If there is extra pairing of MAC address, see if this help (contributed by one of our users) https://help.firewalla.com/hc/en-us/community/posts/360048836074-AT-T-Fiber-with-Arris-BGW210-to-Firewalla
Gold with Pi-hole or local DNS server
Assuming you have DNS set as pi-hole for this network on Gold
If client DNS is set to pi-hole's IP address
Since client and pi-hole are in the same network, DNS traffic is directly sent to pi-hole and will not go through layer 3 (IP layer) of Gold. Therefore, DNS interception on Gold will not take effect and DNS-based features will not work.
If client DNS is set to Gold's LAN IP
DNS traffic from the client will first be sent to Gold. All DNS based features will work and if DNS cache is not hit on Gold, it will be further forwarded to pi-hole in the local network for resolution.
Don't want to set all client's DNS settings?
Here is an alternative way to make domain block work with pi-hole in the network:
Create another local network segment on Gold
Move the pi-hole to the newly created network
Change the DNS server in the old network's DHCP options to the new IP address of pi-hole
This way, all DNS traffic from local devices to pi-hole will go through Gold and DNS-based features will work properly.