The ipcop firewall takes great care to protect your internal networks from servers running in the Demilitarized Zone, or DMZ, otherwise known as “Orange”. That protection imposes some constraints on servers placed there.
Not understanding these constraints is the most common cause of issues connecting devices in Orange.
Orange must be on a separate physical network from Green
1) Orange must be on a separate logical subnet
Orange cannot send nor respond to ping
Orange must always use your
ISP's
DNS for name resolution
Orange must be assigned a Static IP (IPCOP does not respond to
DHCP request on Orange)
Orange must always point to the IPCOP Orange interface as its gateway
Orange can be accessed from Green ONLY by it’s internal IP address
Orange cannot access Green unless pinholes are opened
Orange can be port-forwarded to in exactly the same manner as Green
Orange NIC to IPCOP NIC must be connected using crossover cable
2) Orange can NOT use IPCOP (at ANY interface) as it's Time Source.