Single NIC Build Fails to Complete - How Do I Get Beyond Failsafe Mode?

Hi,

to set the password you need to logon to the gui. Unless the 4g device is seen as a acceptable device you will not get much further. I don't think you can build an XG using a 4g device, that only comes into play after you have access to the GUI. In theory you should be able to logon to https://172.16.16.16:4444 but you will the gui, not the console which is what the laptop screen has become.

Ian

Hi Ian,

rfcat_vk said:

In theory you should be able to logon to https://172.16.16.16:4444

Yeah, theory is a wonderful thing ... sadly the practise aspect didn't get the memo and that IP address is not recognised.

In short it seems that:

1. To complete build I need to reach the GUI
2. To reach the GUI I need to complete build

Joseph Heller has soooo much to answer for ... [:P]

Any other suggestions??  Or do I go back to smoothwall - not ideal, but at least I can build and then modify.

Chris

Hi Ian,

rfcat_vk said:

In theory you should be able to logon to https://172.16.16.16:4444

Yeah, theory is a wonderful thing ... sadly the practise aspect didn't get the memo and that IP address is not recognised.

In short it seems that:

1. To complete build I need to reach the GUI
2. To reach the GUI I need to complete build

Joseph Heller has soooo much to answer for ... [:P]

Any other suggestions??  Or do I go back to smoothwall - not ideal, but at least I can build and then modify.

Chris

Hi Chris,

probably means the 4g device was recognised as your internal network. During setup what did the display show you as the network devices.

The XG install only reboots once so that you get to the GUI screen where you then complete the installation. There are a couple of reboots after that. Once the reboot at installation occurs then there is very little that you can do on the console until you create the password in the GUI.

You really do need two supported NICs to build an XG to even a UTM for that matter.

Ian

On boot it shows:

### System Detail ###
...
Total Number of interfaces: 1
...

I've rebuilt a couple of times just for the heck of it and I think you are correct here Ian:

rfcat_vk said:

You really do need two supported NICs to build an XG to even a UTM for that matter.

Which is a bit of a shame really 'cause there's a lot of old laptops around which make ideal firewalls:

• low power consumption
• built-in battery backup
• built-in console
• small footprint

Thanks anyway, looks like I'm back to smoothies ...

Chris

Hi Chris,

Why not just buy a small dual port NUC or something similar?

Ian

Good question Ian, a few reasons:

1. AFAIK the only NUC's that have 2 ethernet ports are seriously high-end - 8th generation i7's - way beyond the spec' needed for a firewall.
2. NUCs don't have battery backup to cope with the occasional electrical brown (or black)-out.  Linux-based systems have never been reliable at recovering from instantaneous power loss.
3. The Internet connection I'm using is mobile broadband, specifically a Huawei 4G device with only USB and WiFi for internal connectivity.
4. I already have an old laptop that I'd like to reuse rather than just throw away - I'm not keen on chucking "stuff" without giving it every chance for a long(er) life.

I could change the device, and will at some point, but for now this is what I have to play with and I'm keen to see if it's viable.  I did get a smoothie working a few years ago with a USB network connection (USB on laptop -> ethernet on internal network).  Whilst I would like to move on from smoothies it looks like Sophos isn't viable that way (yet).

Chris

Hi Chris,

I use a 4 port box from with a quad core celeron. XG is a linux based system and so is the UTM. You can always put a small UPS on it if you feel that way inclined. They always seem to recover when you pull the power plug and replace it without an issue. Takes a little longer while the check disk process runs and repairs the disks.

You will need a physical connection to the XG to configure the WIFI and the external interface, while some of this can be done from the console you still need access to the GUI to register and add your licence plus build your rules. 

Ian

We're now getting away from the original topic which is: how do I build an XG system with only 1 NIC and the answer is "you can't".  I've tried having a USB -> ethernet adaptor plugged in and having the laptop's WiFi turned on but Sophos fails to recognise either of them as network connections during build.

I could buy another piece of hardware (as you suggest) but that would just be a waste of money and planetary resources.  I've rebuilt more than one [li|u]nix system over the years after a sudden power failure and, again, don't want to just throw money and resources at it for a UPS when I have a perfectly good piece of kit sitting here which I will be able to use as a firewall, just not with Sophos.

Thanks for your responses, looks like I'm going forward to the past with a Smoothwall implementation ...

Chris