There are some caveats when working with non-Windows OSs as Hyper-V guests.
In the case of the Untangle VM, there is no way to install the Hyper-V Integration Services into the VM. As a result, there is no mouse capture in the VM when opened via the Hyper-V Manager (gives console access) if connected to the Hyper-V management system via a RDP session.
For some systems, keyboard shortcuts may suffice to get about the OS and its management features. In the case of the Untangle VM we were not able to do so. Thus, we needed to be at a physical workstation whenever we needed to manage the VM directly.
The Untangle product does allow HTTPS connectivity to the machine for management purposes once everything has been set up though. This management will need to be accomplished via a workstation as the security settings in IE on the SBS box will not allow the Untangle management features to initialize.
The other caveat when setting up the Untangle product in a Hyper-V based VM is the NIC setup. We set up static MAC addresses for both NICs with the intent of setting the External NIC MAC address up with a static IP reservation in our own SBS server's DHCP.
During the Untangle setup routine and subsequently the Untangle Setup Wizard the NICs were reversed. How the setup routine decides which NIC is Internal and which NIC is external is not known. But, once the NICs were reversed in the Interface Management post OS install, the correct Internal static IP was set in place and DNS was set to the SPRINGERS' SBS VM everything fell into place nicely.
For the book we were working with version 5.x of the Untangle product. Untangle has just released version 6 of the product. From our conversations with Untangle the step up to version 6 is quite significant.
BTW, if you are used to working with ISA and its rule structures, Untangle and its management features should come fairly natural when it comes to the learning curve.
Yesterday's article: Installing Untangle (OSS Firewall) as a Hyper-V Guest
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.
Showing posts with label Untangle. Show all posts
Showing posts with label Untangle. Show all posts
Tuesday, 2 December 2008
Monday, 1 December 2008
Installing Untangle (OSS Firewall) as a Hyper-V Guest
As part of our SPRINGERS methodology for our new SBS 2008 Blueprint book, we were able to work with a number of different security vendors while looking at alternatives to ISA 2004/6.
One of the vendors we have looked at was Untangle. Their product is based on Debian Linux and is a fairly robust firewall and filtering product. Subscriptions are involved for Active Directory connectivity and more.
This is the error we saw on one of our attempts to install Untangle as a Hyper-V guest:
One of the vendors we have looked at was Untangle. Their product is based on Debian Linux and is a fairly robust firewall and filtering product. Subscriptions are involved for Active Directory connectivity and more.
This is the error we saw on one of our attempts to install Untangle as a Hyper-V guest:
Untangle Hardware Requirements Warning (Dialogue OKd)
While the 512MB of RAM is not critical, the fact that the install routine did not find any NICs is a showstopper.
When we setup the VM, we setup two NICs using the Hyper-V built-in NICs.
So, we shut down the VM and removed the two Hyper-V based NICs and added two Legacy Network Adapters. We set one of the Legacy Adapters to the SBS 2008 network and one to connect to our internal network (Our ISA server has a rule published to allow the Untangle IP address a direct connection to the Internet along with a DHCP Reservation for the VMs' MAC address).
We also increased the RAM to 1024MB (1GB) to eliminate the warning against the amount of installed RAM.
Once we ran through the complete install, we were greeted with:
Untangle Successfully Installed
After clicking OK in the above dialogue box the VM shut itself down. We then changed the boot order in the Hyper-V manager for that VM to hard disk first, released the Untangle ISO, and powered the VM up.
Untangle successfully ran the post install setup wizard once it booted up providing us with the ability to scope the product out. More to come on that in future posts...
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.
Labels:
Firewalls,
Network Security,
SBS,
SBS 2008 All Editions,
Security,
Untangle
Monday, 8 September 2008
Security and SBS 2008 Webinar with Untangle
I will be a part of the upcoming Webinar presented by Untangle.
You can register here.
Untangle will be presenting on Security in an SBS 2008 World tying in their Untangle firewall security product.
For those looking for alternatives to ISA or SonicWall, Untangle may present one, though we have not had a chance to evaluate their product yet.
We will be diving into the Untangle product along with others as we look for an alternative to SBS 2003 R2 Premium once SBS 2008 SKUs go live. Once we do, we will be sure to share the results here.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.
You can register here.
Untangle will be presenting on Security in an SBS 2008 World tying in their Untangle firewall security product.
For those looking for alternatives to ISA or SonicWall, Untangle may present one, though we have not had a chance to evaluate their product yet.
We will be diving into the Untangle product along with others as we look for an alternative to SBS 2003 R2 Premium once SBS 2008 SKUs go live. Once we do, we will be sure to share the results here.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.
Subscribe to:
Posts (Atom)