Monday 1 December 2008

Installing Untangle (OSS Firewall) as a Hyper-V Guest

As part of our SPRINGERS methodology for our new SBS 2008 Blueprint book, we were able to work with a number of different security vendors while looking at alternatives to ISA 2004/6.

One of the vendors we have looked at was Untangle. Their product is based on Debian Linux and is a fairly robust firewall and filtering product. Subscriptions are involved for Active Directory connectivity and more.

This is the error we saw on one of our attempts to install Untangle as a Hyper-V guest:

Untangle Hardware Requirements Warning (Dialogue OKd)

While the 512MB of RAM is not critical, the fact that the install routine did not find any NICs is a showstopper.

When we setup the VM, we setup two NICs using the Hyper-V built-in NICs.

So, we shut down the VM and removed the two Hyper-V based NICs and added two Legacy Network Adapters. We set one of the Legacy Adapters to the SBS 2008 network and one to connect to our internal network (Our ISA server has a rule published to allow the Untangle IP address a direct connection to the Internet along with a DHCP Reservation for the VMs' MAC address).

We also increased the RAM to 1024MB (1GB) to eliminate the warning against the amount of installed RAM.

Once we ran through the complete install, we were greeted with:

Untangle Successfully Installed

After clicking OK in the above dialogue box the VM shut itself down. We then changed the boot order in the Hyper-V manager for that VM to hard disk first, released the Untangle ISO, and powered the VM up.

Untangle successfully ran the post install setup wizard once it booted up providing us with the ability to scope the product out. More to come on that in future posts...

Philip Elder
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.


Daniel Mundy said...

Hi Philip,

I have recently set up a Hyper-V test box myself, to play around with SBS 2008. Problem is that I can't give it Internet access without DHCP conflicting with our existing SBS.

I thought Untangle might be able to help with this, plus I'd like to evaluate it's filtering options for our Hyper-V clients in the future.

Only problem is I can't get it to work! It just has a black screen, I assume it can't load the X11 drivers. I can get to console but don't know the password. Have Googled, found a procedure to change the password, didn't work.

Did you have these troubles?

Anonymous said...

Adding two legacy network adapter was exactly what I needed to do to run untangle on hyper-v, thank you so much for the info! it was a big help!