![]() ![]() Once this is done, you would normally navigate to that address on port 4444 to access the admin GUI. Login to the console with the default ( admin – admin) credentials, and choose the option for Network Configuration to change the IP for your nested LAN port. This will need to be changed to the subnet you’re using for your nested LAN interface. Once the VM has been deployed, the Sophos XG will be configured with a 172.16.1.1 address by default. ![]() Boot: BIOS (will not boot if you keep as EFI).Network Adapter 1: LAN portgroup (nested). ![]() Disk: 40GB thin (you may make this smaller if you’d like).RAM: 2GB (add more as needed – max supported is 6GB in the home edition).CPU: 1 (add more as needed – max supported is 4 in the home edition).I’ll describe the basics for deploying the Sophos XG firewall, but will not go into full detail as this is pretty trivial and can be deployed using the following guide as a reference. With that said, one of the VLANs I have is for “Development” work, such as this so I’ll be connecting one uplink from the router to this VLAN which will serve as the WAN interface while the other uplink will be connected to the new nested portgroup to serve as the LAN for the nested lab. I have a bunch of VLANs created for my physical Home Lab as I’ve yet to deploy NSX-T in there, but once I do, I’ll be removing the majority of said VLANs and only keeping the required ones needed to run the lab. Once you determine the subnets you’d like to use for the nested lab, add a static route summary on your physical router.Static route to access the nested lab from my LAN.Set the VLAN type for this portgroup to VLAN Trunking with the range of 0-4094 to allow all VLANs to trunk through.VDS and portgroup without physical uplinks.All traffic will flow through virtual router/firewall to communicate to and from the nested lab. My physical Home Lab is configured with Virtual Distributed Switches, or VDS (sometimes seen as DVS) for short, and since this is a nested lab environment that will not have any physical uplinks connected, I will need to create a new VDS without physical uplinks connected to it along with a portgroup for the nested environment and then configure access to the environment from my LAN. In this post, I will cover the setup and configuration of a Sophos XG firewall Home Edition which will serve as the router for my nested lab environment. In my previous post, I went over the gist of what I plan to do for my nested NSX-T Home Lab. If you want to support me, buy stuff over my Amazon links or click on an advertisement.Welcome to Part 1 of my NSX-T Home Lab Series. Registration, Software Download and Installation Sophos UTMįeel free to comment the recommendation or ask for further installation help. These are my server components: CPUĢx be Quiet Pure Wings 2 (case back and for the hdd’s) If you need inspiration for a home server. You can use it for guest wifi or whatever you want. ![]() You can use vlan interfaces for eth0 without any setup by the hypervisor. On my UTM for LAN eth0 (virtio) and for WAN eth1(PCI Passtrough realtec NIC).Ī nice feature. If it was the wrong interface, restart the installation process and select the other NIC in the list for the LAN.Īfter the installation, you have 2 hardware NICs in the UTM. The LAN-NIC should be the first interface. When installing the UTM, you must select a LAN NIC. insert the “WAN NIC” via PCI Passthroughīe sure if it is the right PCIe slot and NIC.I recommend virtio for NIC device model, because according to my own experience it offers the best data throughput. activate the bridge mode for the “LAN NIC”.activate auto start while booting of the hypervisor.We have been busy and now have a fully installed Ubuntu and Virt Manager and are starting to configure the virtual UTM. With PCI Passthrough, all traffic goes directly to the virtual firewall and cannot escape from a virtual switch and has no logical contact with the hypervisor (the Ubuntu server). Why do I use PCI Passthrough? It is safer. you need a pcie slot for the NIC where the PCIe lanes are not shared with the chipset or other components.and the last NIC via PCI Passthrough exclusive for the UTM WAN interface (you can’t use a dual NIC for this).the second NIC in bridge mode for the VMs.I use the Mainboard NIC for the Server management.A Ubuntu System (with a GUI, it’s easier ) ).The following link deals with the basic configuration of virt manager under ubuntu: In this article I assume that Ubuntu and virt manager are installed. Today I will tell you how I configured my home server for a virtual Sophos UTM.Īll configurations in ubuntu can also be used for a virtual Sophos XG. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |