Hi, I just decided to take the plunge into building my own firewall appliance after using a Cisco ASA 5505 (and PIXes before that) for my home network.
I purchased a ProtectLi FW6c based on a number of reviews and forum comments. (https://protectli.com/product/fw6c/). I got the i5 version so I could take advantage of the higher horsepower of a faster processor.
While I have bits of PC components sprinkled around my house (spare monitor, Bluetooth keyboard/mouse), we mostly use laptops, so I didn't really have an easy way to set up the device and firewall using the standard HDMI/mouse/keyboard, so I decided to try headless using the console port.
I already had a USB to serial adapter for use with my Cisco ASA so I used that. Reminder - you can find the USB device by searching for *USB* in /dev. You then do a "screen" against this device with the serial speed at the end.
Out of the box, the Protectli BIOS is set for the console to be at 115200. This is a bit of a change as I am used to my console ports being set to 9600, but I made this adjustment (after a bit of internet searching) and was able to access the BIOS.
I downloaded the Sophos ISO image and moved it to a USB using Etcher (https://www.balena.io/etcher/)
Once I configured the BIOS to boot from the USB port I saw the flash drive start to flash and it looked like things were moving. However, once the Sophos install script loaded, my text was scrambled. After a bit of additional digging on this forum, I found that Sophos assumes that the serial port is operating at 38400. After a bit of tinkering in the Protectli BIOS, I got the console port set to 38400 and was then able to see the installation prompt from Sophos XG.
XG installed without a hitch, but then my text became scrambled again once the firewall booted from the internal SSD drive - I'm guessing it is expecting yet another different console port speed, but I didn't spend any time investigating this as I was now able to connect to the web management interface of the new firewall.
I was able to get things passing traffic without too much additional effort, but I did notice that the throughput through the box was pretty low. It turned out that the default IPS and web filtering settings were slowing things down considerably.
I'm at a point that things are working fairly well, but I have limited advanced firewall features enabled to avoid too much of a performance hit. Any recommendations for enabling features without too much impact?
Thanks!
Bryan