gacpac Posted October 30, 2018 Share Posted October 30, 2018 (edited) I tried setting up Sophos to try it out, but then the stupid KVM doesn't detect the virtual network cards. Can somebody help me a little bit with this? Edited November 16, 2018 by gacpac Topic solved 1 Quote Link to comment
TType85 Posted October 31, 2018 Share Posted October 31, 2018 are the cards set as virtio or did you specify e1000? I know for OSX you need to change the type for it to work. <interface type='bridge'> <mac address='xx:xx:xx:xx:xx:xx'/> <source bridge='br0'/> <model type='e1000-82545em'/> <address type='pci' domain='0x0000' bus='0x09' slot='0x01' function='0x0'/> </interface> 1 Quote Link to comment
gacpac Posted November 11, 2018 Author Share Posted November 11, 2018 I set the VM settings to be OVMF and it picked it up. But I had another problem that for some reason after it installs the default password doesn't work. And that truly doesn't make sense. If somebody have some quick instructions or something special please let me know Quote Link to comment
thomas Posted November 13, 2018 Share Posted November 13, 2018 (edited) Are you using https://IP.add.re.ss:4444 to connect and do the initial configuration? The page at https://IP.add.re.ss is just for user login and it will fail initially, because there are no users defined. Default is https://172.16.16.16:4444/ Edited November 13, 2018 by thomas added default IP address Quote Link to comment
gacpac Posted November 13, 2018 Author Share Posted November 13, 2018 I'm trying to login using the https://x.x.x.x which is what I've read. The problem I have is that no matter what I do, I can't go to the default https://172.16.16.16:4444/ and no matter what I do. Quote Link to comment
thomas Posted November 13, 2018 Share Posted November 13, 2018 Maybe a silly question, but you have changed your IP to be able to access the 172.16.16.16? You can try ping it first, to know that is accessible... Quote Link to comment
thomas Posted November 13, 2018 Share Posted November 13, 2018 (edited) Try also deleting the browser cache or using an incognito tab... Check also you're using the Lan side, because the Wan side doesn't allow access to :4444 port... Edited November 13, 2018 by thomas Quote Link to comment
gacpac Posted November 13, 2018 Author Share Posted November 13, 2018 30 minutes ago, thomas said: Try also deleting the browser cache or using an incognito tab... Check also you're using the Lan side, because the Wan side doesn't allow access to :4444 port... I'm trying to set it up with Virtual interfaces, which technically are both Lan interfaces. I know I've done it before in VMware Quote Link to comment
thomas Posted November 13, 2018 Share Posted November 13, 2018 They are both on LAN, but the WAN side will get an IP from the DHCP server that you have, while the other one will be 172.16.16.16. So you have to change your IP to be in the same subnet to be able to connect. Also you can connect with VNC and change the LAN side IP from the VM terminal. Default password is admin... Quote Link to comment
thomas Posted November 14, 2018 Share Posted November 14, 2018 I made a test install for Sophos XG Firewall, but for me it only booted with Seabios, not OVMF. After install, I changed my computer's IP to 172.16.16.5 255.255.255.0 and I could access the https://172.16.16.16:4444 and do all the configuration... Quote Link to comment
gacpac Posted November 14, 2018 Author Share Posted November 14, 2018 If you use Seabios. What drivers you use for the disks? That's where I have issues Quote Link to comment
thomas Posted November 14, 2018 Share Posted November 14, 2018 1 minute ago, gacpac said: If you use Seabios. What drivers you use for the disks? That's where I have issues I don't recall if I had to switch the disks from Virtio to SATA, but you can try it. I can check later today to see... Quote Link to comment
gacpac Posted November 14, 2018 Author Share Posted November 14, 2018 I'll check that later today and update back Quote Link to comment
thomas Posted November 14, 2018 Share Posted November 14, 2018 The drive needs to be SATA to work. And the same for the iso image. Quote Link to comment
gacpac Posted November 15, 2018 Author Share Posted November 15, 2018 Omg, I set up as SeaBios using Machine i440fx-3.0 and the system was detected as a KVM Virtual Machine. Then everything in SATA port. I've also spin up a Windows 10 VM. Setup my IP as you said and bro it worked perfect. Now I can play with it, set it up as a bridge or maybe firewall in the future. 1 Quote Link to comment
gacpac Posted November 15, 2018 Author Share Posted November 15, 2018 Another question if possible. How did you setup your network cards for the VM. Because I set them on bridge and my whole network went down. Quote Link to comment
thomas Posted November 15, 2018 Share Posted November 15, 2018 8 hours ago, gacpac said: Another question if possible. How did you setup your network cards for the VM. Because I set them on bridge and my whole network went down. I left them default, the only change I made is the type to "e1000-82545em" and everything works properly. Add Solved to the topic name, if there are no more issues... Quote Link to comment
gacpac Posted November 15, 2018 Author Share Posted November 15, 2018 I left everything default to. Well, I wanted the bridge functionality, but I had to change one of the network cards to vbr0 in the settings. Today I'll work on it but at least I got it to install. Even though I have to go to the https://ipaddress:4444 I guess the other side is for user access only. Quote Link to comment
RivaSABB Posted March 2, 2019 Share Posted March 2, 2019 Could I please ask someone to post a working VM.xml file? I have got pfsense currently and would like to try Sophos UTM but I can not for the life of me get it to work. I have tried a number of vm variations but I can not get it to see the hardware during the setup. Can anyone help? Quote Link to comment
thomas Posted March 3, 2019 Share Posted March 3, 2019 (edited) Find below an xml file. There is nothing fancy about it; choose Linux as VM, Machine Q35, BIOS SeaBIOS, OS Install CDROM set to SATA, Primary Disk set to SATA 10GB, VNC and 2 virtual NICs changed from virtio to e1000-82545em. You must remove the virtual NICs and use the pass-through ones if that's the case. Quote <domain type='kvm' id='3'> <name>Linux</name> <uuid>02836ca4-3c5c-2aa1-04b1-78d09038e17d</uuid> <metadata> <vmtemplate xmlns="unraid" name="Linux" icon="linux.png" os="linux"/> </metadata> <memory unit='KiB'>2097152</memory> <currentMemory unit='KiB'>2097152</currentMemory> <memoryBacking> <nosharepages/> </memoryBacking> <vcpu placement='static'>2</vcpu> <cputune> <vcpupin vcpu='0' cpuset='3'/> <vcpupin vcpu='1' cpuset='7'/> </cputune> <resource> <partition>/machine</partition> </resource> <os> <type arch='x86_64' machine='pc-q35-3.1'>hvm</type> </os> <features> <acpi/> <apic/> </features> <cpu mode='host-passthrough' check='none'> <topology sockets='1' cores='1' threads='2'/> </cpu> <clock offset='utc'> <timer name='rtc' tickpolicy='catchup'/> <timer name='pit' tickpolicy='delay'/> <timer name='hpet' present='no'/> </clock> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>restart</on_crash> <devices> <emulator>/usr/local/sbin/qemu</emulator> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> <source file='/mnt/user/isos/yourISO.iso'/> <backingStore/> <target dev='hda' bus='sata'/> <readonly/> <boot order='2'/> <alias name='sata0-0-0'/> <address type='drive' controller='0' bus='0' target='0' unit='0'/> </disk> <disk type='file' device='disk'> <driver name='qemu' type='raw' cache='writeback'/> <source file='/mnt/user/domains/Linux/vdisk1.img'/> <backingStore/> <target dev='hdc' bus='sata'/> <boot order='1'/> <alias name='sata0-0-2'/> <address type='drive' controller='0' bus='0' target='0' unit='2'/> </disk> <controller type='usb' index='0' model='ich9-ehci1'> <alias name='usb'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x7'/> </controller> <controller type='usb' index='0' model='ich9-uhci1'> <alias name='usb'/> <master startport='0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0' multifunction='on'/> </controller> <controller type='usb' index='0' model='ich9-uhci2'> <alias name='usb'/> <master startport='2'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x1'/> </controller> <controller type='usb' index='0' model='ich9-uhci3'> <alias name='usb'/> <master startport='4'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x2'/> </controller> <controller type='sata' index='0'> <alias name='ide'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='pci' index='0' model='pcie-root'> <alias name='pcie.0'/> </controller> <controller type='pci' index='1' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='1' port='0x10'/> <alias name='pci.1'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/> </controller> <controller type='pci' index='2' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='2' port='0x11'/> <alias name='pci.2'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/> </controller> <controller type='pci' index='3' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='3' port='0x12'/> <alias name='pci.3'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/> </controller> <controller type='pci' index='4' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='4' port='0x13'/> <alias name='pci.4'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/> </controller> <controller type='pci' index='5' model='pcie-root-port'> <model name='pcie-root-port'/> <target chassis='5' port='0x14'/> <alias name='pci.5'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/> </controller> <controller type='virtio-serial' index='0'> <alias name='virtio-serial0'/> <address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/> </controller> <interface type='bridge'> <mac address='52:54:00:16:2d:cf'/> <source bridge='br0'/> <target dev='vnet1'/> <model type='e1000-82545em'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <interface type='bridge'> <mac address='52:54:00:2e:b6:24'/> <source bridge='br0'/> <target dev='vnet2'/> <model type='e1000-82545em'/> <alias name='net1'/> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </interface> <serial type='pty'> <source path='/dev/pts/1'/> <target type='isa-serial' port='0'> <model name='isa-serial'/> </target> <alias name='serial0'/> </serial> <console type='pty' tty='/dev/pts/1'> <source path='/dev/pts/1'/> <target type='serial' port='0'/> <alias name='serial0'/> </console> <channel type='unix'> <source mode='bind' path='/var/lib/libvirt/qemu/channel/target/domain-3-Linux/org.qemu.guest_agent.0'/> <target type='virtio' name='org.qemu.guest_agent.0' state='disconnected'/> <alias name='channel0'/> <address type='virtio-serial' controller='0' bus='0' port='1'/> </channel> <input type='tablet' bus='usb'> <alias name='input0'/> <address type='usb' bus='0' port='1'/> </input> <input type='mouse' bus='ps2'> <alias name='input1'/> </input> <input type='keyboard' bus='ps2'> <alias name='input2'/> </input> <graphics type='vnc' port='5901' autoport='yes' websocket='5700' listen='0.0.0.0' keymap='en-us'> <listen type='address' address='0.0.0.0'/> </graphics> <video> <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/> <alias name='video0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </video> <memballoon model='virtio'> <alias name='balloon0'/> <address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/> </memballoon> </devices> <seclabel type='dynamic' model='dac' relabel='yes'> <label>+0:+100</label> <imagelabel>+0:+100</imagelabel> </seclabel> </domain> Edited March 3, 2019 by thomas Quote Link to comment
guruleenyc Posted April 30, 2019 Share Posted April 30, 2019 I am migrating my SophosUTM from ESXi vmdk to Unraid VM. I followed these steps: ESXi VMDK to Unraid KVM VM 1) Stop the VM in ESXI 2) Export the VM as an OVF template 3) Make a folder on your unraid box called /mnt/user/domains/<NameOfVM> 4) Copy the VMDK file from the export folder to the folder you created in step 3 5) Run the following command: "qemu-img convert -p -f vmdk -O raw <vmdkfile> <vmdkfilename>.img". This will convert the file to the KVM/OVirt format. 6) Create a new VM, change the bios to "SeaBIOS", and choose the .img file created in step #5 for the first hard drive. At this point, if it's a linux machine, you can boot it and it pretty much Just Works (tm). If it's a windows box, you've got a couple more steps. I'm using the aforementioned Linux VM settings. BUT during boot it hangs at "could not find /dev/disk/by-label/root", please see screenshot. The disk type is SATA which points to my .img file. Can someone help me get past this? Quote Link to comment
guruleenyc Posted April 30, 2019 Share Posted April 30, 2019 (edited) On 11/14/2018 at 11:29 PM, gacpac said: Omg, I set up as SeaBios using Machine i440fx-3.0 and the system was detected as a KVM Virtual Machine. Then everything in SATA port. I've also spin up a Windows 10 VM. Setup my IP as you said and bro it worked perfect. Now I can play with it, set it up as a bridge or maybe firewall in the future. This resolved my issue NIC detection too! My problem was I was going with the default machine type after changing it to: i440fx-3.0. Also I changed VM settings interface model type: <model type='e1000-82545em'/> Now the Sophos UTM 9.5 is seeing at least one network card during installation. At least now I can complete the install and then figure out what I want to use as my second NIC. Thanks!!! BUT, now I get an RPM error 3/4 through the installation and it aborts. To get past this error, I re-ran the installer as 32bit kernel and opting out of the Enterprise tools option. Not out of the woods yet! Now that install finished, it boots to Grub prompt.... 😞 Edited April 30, 2019 by guruleenyc Quote Link to comment
gacpac Posted May 2, 2019 Author Share Posted May 2, 2019 On 4/30/2019 at 5:24 PM, guruleenyc said: This resolved my issue NIC detection too! My problem was I was going with the default machine type after changing it to: i440fx-3.0. Also I changed VM settings interface model type: <model type='e1000-82545em'/> Now the Sophos UTM 9.5 is seeing at least one network card during installation. At least now I can complete the install and then figure out what I want to use as my second NIC. Thanks!!! BUT, now I get an RPM error 3/4 through the installation and it aborts. To get past this error, I re-ran the installer as 32bit kernel and opting out of the Enterprise tools option. Not out of the woods yet! Now that install finished, it boots to Grub prompt.... 😞 Something is off. I didn't got that error. If you want I can try installing sophos again and then let you know what I did. Have you checked the iso? 1 Quote Link to comment
thomas Posted May 2, 2019 Share Posted May 2, 2019 You ran out of space. If you press ALT+F4, you'll see the log. I tried with 10GB and it's too small. Increasing the disk space to 20GB fixed it. I used UTM 9.6 with 64bit and Enterprise. 1 Quote Link to comment
guruleenyc Posted May 10, 2019 Share Posted May 10, 2019 On 5/1/2019 at 9:16 PM, thomas said: You ran out of space. If you press ALT+F4, you'll see the log. I tried with 10GB and it's too small. Increasing the disk space to 20GB fixed it. I used UTM 9.6 with 64bit and Enterprise. @thomas Thank you!!!! I del the SophosUTM 9 VM and rebuilt it as generic Linux, machine type: i440fx-3.0, increased hdd to 30G sata and changed VM settings interface model type: "<model type='e1000-82545em'/>" in form view after creation. The VM is up and running with once NIC/br0, now I need to see what I am going to use as a WAN NIC for it. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.