1812 Posted May 15, 2019 Share Posted May 15, 2019 I just wanted to pop in this thread and thank you all for posting all your trial and error issues/solutions. I installed Sophos a few days ago after reading this thread, and after a little learning curve with setting up NAT and a few other settings I needed (from my pfsense install) I have a near perfectly running install (just have to setup Nat reflection, but not a big deal) Thanks! 1 Quote Link to comment
1812 Posted July 7, 2019 Share Posted July 7, 2019 Question: how much ram are you all using? Anytime I go over 2GB the web gui will freeze within a few minutes and lan network goes down (though, the ssl vpn server still operates normally) Thanks Quote Link to comment
thomas Posted July 7, 2019 Share Posted July 7, 2019 10 minutes ago, 1812 said: Question: how much ram are you all using? Anytime I go over 2GB the web gui will freeze within a few minutes and lan network goes down (though, the ssl vpn server still operates normally) Thanks I'm using 2GB, but my VM is just for testing. Are you using bridge for the LAN segment? I have seen sometimes using bridge it's causing issues and the whole network goes down. Try using 2 hardware ports, one for LAN and one for WAN... Quote Link to comment
1812 Posted July 7, 2019 Share Posted July 7, 2019 (edited) 10 minutes ago, thomas said: I'm using 2GB, but my VM is just for testing. Are you using bridge for the LAN segment? I have seen sometimes using bridge it's causing issues and the whole network goes down. Try using 2 hardware ports, one for LAN and one for WAN... It has a quad port nic, so it has fully independent real ports. Edited July 7, 2019 by 1812 Quote Link to comment
thomas Posted July 7, 2019 Share Posted July 7, 2019 How is your network wired? Are you using a switch in-between LAN port and unraid? Quote Link to comment
1812 Posted July 7, 2019 Share Posted July 7, 2019 (edited) 6 minutes ago, thomas said: How is your network wired? Are you using a switch in-between LAN port and unraid? yup. I'm going to try a fresh install with 6gb from the start and see how that goes. Edited July 7, 2019 by 1812 Quote Link to comment
thomas Posted July 8, 2019 Share Posted July 8, 2019 you can bridge the free ports on the quad for LAN (3 ports switch total) and connect unraid directly and the existing switch will be used for the rest of network... Quote Link to comment
1812 Posted July 8, 2019 Share Posted July 8, 2019 (edited) 12 minutes ago, thomas said: you can bridge the free ports on the quad for LAN (3 ports switch total) and connect unraid directly and the existing switch will be used for the rest of network... yes, I am aware, but I still need a switch there to provide the backbone to the main house switch, considering they are in separate rooms. also, that doesn't solve my "assigning more than 2gb locks up the webadmin and tanks the lan" problem. I've just completed making a new vm with 6gb and applied a backup/restore to it.. waiting to see what happens. Edited July 8, 2019 by 1812 Quote Link to comment
1812 Posted July 8, 2019 Share Posted July 8, 2019 as an update, the new image created using 6GB ram and restored with the file from the 2GB img has been up for over 10 hours without issue. It seems to be a little bit snappier too, but that may also be a placebo. Quote Link to comment
my.name.jeff Posted June 19, 2020 Share Posted June 19, 2020 Quote <interface type='bridge'> <mac address='52:54:00:16:2d:cf'/> <source bridge='br0'/> <target dev='vnet1'/> <model type='e1000-82545em'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> <interface type='bridge'> <mac address='52:54:00:2e:b6:24'/> <source bridge='br0'/> <target dev='vnet2'/> <model type='e1000-82545em'/> <alias name='net1'/> <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/> </interface> I am confused about this. Why would both of these be bridged with br0? Doesn't the firewall need to be between unraid and the router? Doesn't this allow the firewall to just be a passive observer of the incoming data? Quote Link to comment
thomas Posted June 19, 2020 Share Posted June 19, 2020 That was part of a an example of a working XML. You must remove the virtual NICs and use the pass-through ones. Quote Link to comment
gacpac Posted June 20, 2020 Author Share Posted June 20, 2020 Wow, I'm happy my post has inspired other users to post their questions here. I'm using pfsense right now, it's been while I don't use sophos. Which one would you rather use? Quote Link to comment
thomas Posted June 20, 2020 Share Posted June 20, 2020 49 minutes ago, gacpac said: Which one would you rather use? Right now I don't use any of them, I just have a Netgear Orbi router with some DNS filtering. It has also an option to enable Armor which is made by Bitdefender, if I really want to have some extra protection. My Sophos VM had a issue with the registration not being updated and I was supposed to reinstall it, but I was too lazy... I did a few trial runs for pfsense, but it wasn't really my taste. Too much configuration for very little outcome and the web interface was horrible. In the end, without a good IDS&IPS no firewall is very helpful and I think the best ones are the commercial ones if you really need that type of protection; plus you need to invest time to actually check the logs and fix all the small issues that seems to occur almost weekly, if not daily. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.