Thursday, July 11, 2013

Using a Sophos UTM in Virtual Box

Sophos provides a free home user UTM.  This is a direct update to the older Astaro ASG that I was running.  I recently had to convert over to the new system.  I run it on my FreeBSD server so prefer to use VirtualBox to run my VMs.  I ran into a bit of an issue getting the UTM onto the network, but now it's working perfectly.  Here are some simple instructions to get it working.

First of all register and download the VMware x86 or x64 zip file (not the ESX version).  Once downloaded, unzip this file and grab all the *.vmdk files.  The other files can be discarded.

Now go into VirtualBox and create a new VM.  Select Linux as the OS and configure it as desired with the following changes.
  • Add a new IDE disk, browse for and select the base VMDK file (the one without a -s### suffix).
  • Add two network cards, change both to use Bridged Networking and change the device driver to Intel PRO/1000 MT Server.
This should be all that is needed to get things working, though I would suggest removing the audio hardware.  Also the UTM shouldn't need much memory, 350-500MB depending on the features you plan to enable.

Now you can boot up the VM.  If you plan to run it as a service you can, but for now you need to start it directly in VirtualBox so you can get at the console.  Once booted up the system will list an IP to access it at, but this won't actually work due to our VM/NIC setup.  So instead go into the UTM's console and log in as root.  The password will be blank and you will need to change it.

Now on the UTM do the following to reconfigure the default network settings.  Tab completion will work here.  Also be sure to substitute your settings for the following variables:
$ADDRESS (eg: 192.168.1.5) Internal IP for the UTM.
$NETMASK (eg: 24) The prefix length in CIDR notation. See here for help.
$BROADCAST (eg: 192.168.1.255) Subnet part of the IP, with the host part filled in with 255.
$NETWORK (eg: 192.168.1.0) Subnet part of the IP, with the host part filled in with 0s.
$INTERFACE Use tab completion for this and choose which NIC you want as your internal.

cc
RAW
lock_override
OBJS

itfparams
primary
REF_ItfParamsDefaultInternal
address=$ADDRESS
netmask=$NETMASK
w
/

network
interface_address
REF_DefaultInternalAddress
address=$ADDRESS
w
/

network
interface_broadcast
REF_DefaultInternalBroadcast
address=$BROADCAST
w
/

network
interface_network
REF_DefaultInternalNetwork
address=$NETWORK
netmask=$NETMASK
w
/

interface
ethernet
REF_DefaultInternal
itfhw=REF_ItfEth$INTERFACE
status=1
w

exit

Each set of commands above will print out the new config when the "w" line is entered, so you should be able to identify any errors or problems.  Once finished you can reboot the UTM by typing reboot.

Now if everything is working you should be able to navigate to https://$ADDRESS:4444 and set up the UTM.  If you get an error about not being able to change your active connection then one of the settings above must not match, or the itfhw in the last step didn't get set right.
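The $BROADCAST and $NETWORK values above have to agree with $ADDRESS and $NETMASK, and getting one of them wrong is the usual cause of the "active connection" error.  The following is an added helper, not part of the post or of Sophos' tooling, that derives the two values from an address and prefix length in plain POSIX sh and checks a full set of values for consistency before you type them into the cc session.  It assumes octets are written as plain decimal (no leading zeros) and a prefix length between 1 and 32.

```shell
#!/bin/sh
# Added example (not from the post): derive $NETWORK and $BROADCAST from
# $ADDRESS/$NETMASK and sanity-check the four values for the cc session.

ip_to_int() {
    # dotted quad -> 32-bit integer (octets must be plain decimal)
    a=${1%%.*}; r=${1#*.}
    b=${r%%.*}; r=${r#*.}
    c=${r%%.*}; d=${r#*.}
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

int_to_ip() {
    # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

prefix_mask() {
    # prefix length (1..32) -> mask as a 32-bit integer
    echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
}

network_of() {   # $1=address $2=prefix
    int_to_ip $(( $(ip_to_int "$1") & $(prefix_mask "$2") ))
}

broadcast_of() { # $1=address $2=prefix
    m=$(prefix_mask "$2")
    int_to_ip $(( ($(ip_to_int "$1") & m) | (~m & 0xFFFFFFFF) ))
}

# Print the four variables in the form the post uses.
utm_net_vars() { # $1=address $2=prefix
    printf 'ADDRESS=%s\nNETMASK=%s\nBROADCAST=%s\nNETWORK=%s\n' \
        "$1" "$2" "$(broadcast_of "$1" "$2")" "$(network_of "$1" "$2")"
}

# Return 0 when ADDRESS/NETMASK/BROADCAST/NETWORK agree with each other and
# the address is a usable host (not the network or broadcast), 1 otherwise.
utm_net_check() { # $1=address $2=prefix $3=broadcast $4=network
    [ "$(network_of "$1" "$2")" = "$4" ] || return 1
    [ "$(broadcast_of "$1" "$2")" = "$3" ] || return 1
    [ "$1" != "$3" ] && [ "$1" != "$4" ]
}

utm_net_vars 192.168.1.5 24
```

Run it on the host (FreeBSD's /bin/sh is fine) and paste the printed values into the cc commands; utm_net_check exits non-zero on the kind of mismatch that produces the error described above.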