Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[HowTo] Setup a Sophos XG on Netcup

Maybe useful for others as well. I managed to get the XG ISO up and running on a vServer hosted by netcup.de:

  1. Make sure you have set up a second LAN interface by activating VLAN, netcup calls this option "Cloud vLAN Free".
  2. Afterwards you will see on your server in section "Allgemein" to entries for "Netzwerk".

For the next steps, we need:

  • IP4 address of your server, example 2.48.91.17
  • IP4 address of your gateway, example 2.48.93.1 (under section Netzwerk in the Server Control Panel)
  • Watch out: the server IP and the gateway IP are in different subnetworks, so later on we use the netmask 255.255.0.0 instead of the more common 255.255.255.0

To stay clean, notice that one of these two MAC address has a IP4/IP6 address, the other does not.

  1. Make sure you uploaded the needed image and installed the server.
  2. Connect to command line interface (CLI) via VNC Screen.
  3. Enter the Sophos XG Firewall on CLI level by using the password (default at the beginning, immediately change it, watch out, for different keyboard layout).
  4. Once the password is less unsecure, continue:
    1. Go in option 5 Device Management
    2. Select Advanced Shell
    3. Enter the following command to set the external IP4 address of your server to your linked LAN Port:
      ifconfig Port1 2.48.91.17 netmask 255.255.0.0
    4. Enter the following command to set the gateway address as your default gateway:
      route add default gw 2.48.93.1

Once this is set, you should now be able to reach your Web Interface in the browser via: https://2.48.91.17:4444

Notice: The ifconfig command references Port1 (watch out, case sensitive). The assumption is, that this port is the one linked to the external  IP4 address and its not the internal vLAN port. This can be verified by the command: ip link show

As soon as you can access the Web Interface of Sophos XG, head over to the network section: Edit Port1 (the one we changed on CLI) and set the external IP (2.48.91.17) as its static address.

If you want to make this Port the official WAN port on your Sophos, activate the Web Interface on WAN Ports before applying this category to the Port. Otherwise you will be locked out.



This thread was automatically locked due to age.
Parents
  • Hello Matthias,

    Thank you for your contribution to the Sophos Community.

     I managed to get the XG ISO up and running on a vServer hosted by netcup.de:

    1. Make sure you have set up a second LAN interface by activating VLAN, netcup calls this option "Cloud vLAN Free".
    2. Afterwards you will see on your server in section "Allgemein" to entries for "Netzwerk".

    For the next steps, we need:

    • IP4 address of your server, example 2.48.91.17
    • IP4 address of your gateway, example 2.48.93.1 (under section Netzwerk in the Server Control Panel)
    • Watch out: the server IP and the gateway IP are in different subnetworks, so later on we use the netmask 255.255.0.0 instead of the more common 255.255.255.0

    To stay clean, notice that one of these two MAC address has a IP4/IP6 address, the other does not.

    1. Make sure you uploaded the needed image and installed the server.
    2. Connect to command line interface (CLI) via VNC Screen.
    3. Enter the Sophos XG Firewall on CLI level by using the password (default at the beginning, immediately change it, watch out, for different keyboard layout).
    4. Once the password is less unsecure, continue:
      1. Go in option 5 Device Management
      2. Select Advanced Shell
      3. Enter the following command to set the external IP4 address of your server to your linked LAN Port:
        ifconfig Port1 2.48.91.17 netmask 255.255.0.0
      4. Enter the following command to set the gateway address as your default gateway:
        route add default gw 2.48.93.1

    Once this is set, you should now be able to reach your Web Interface in the browser via: https://2.48.91.17:4444

    Notice: The ifconfig command references Port1 (watch out, case sensitive). The assumption is, that this port is the one linked to the external  IP4 address and its not the internal vLAN port. This can be verified by the command: ip link show

    As soon as you can access the Web Interface of Sophos XG, head over to the network section: Edit Port1 (the one we changed on CLI) and set the external IP (2.48.91.17) as its static address.

    If you want to make this Port the official WAN port on your Sophos, activate the Web Interface on WAN Ports before applying this category to the Port. Otherwise you will be locked out.

    Credits:

Reply
  • Hello Matthias,

    Thank you for your contribution to the Sophos Community.

     I managed to get the XG ISO up and running on a vServer hosted by netcup.de:

    1. Make sure you have set up a second LAN interface by activating VLAN, netcup calls this option "Cloud vLAN Free".
    2. Afterwards you will see on your server in section "Allgemein" to entries for "Netzwerk".

    For the next steps, we need:

    • IP4 address of your server, example 2.48.91.17
    • IP4 address of your gateway, example 2.48.93.1 (under section Netzwerk in the Server Control Panel)
    • Watch out: the server IP and the gateway IP are in different subnetworks, so later on we use the netmask 255.255.0.0 instead of the more common 255.255.255.0

    To stay clean, notice that one of these two MAC address has a IP4/IP6 address, the other does not.

    1. Make sure you uploaded the needed image and installed the server.
    2. Connect to command line interface (CLI) via VNC Screen.
    3. Enter the Sophos XG Firewall on CLI level by using the password (default at the beginning, immediately change it, watch out, for different keyboard layout).
    4. Once the password is less unsecure, continue:
      1. Go in option 5 Device Management
      2. Select Advanced Shell
      3. Enter the following command to set the external IP4 address of your server to your linked LAN Port:
        ifconfig Port1 2.48.91.17 netmask 255.255.0.0
      4. Enter the following command to set the gateway address as your default gateway:
        route add default gw 2.48.93.1

    Once this is set, you should now be able to reach your Web Interface in the browser via: https://2.48.91.17:4444

    Notice: The ifconfig command references Port1 (watch out, case sensitive). The assumption is, that this port is the one linked to the external  IP4 address and its not the internal vLAN port. This can be verified by the command: ip link show

    As soon as you can access the Web Interface of Sophos XG, head over to the network section: Edit Port1 (the one we changed on CLI) and set the external IP (2.48.91.17) as its static address.

    If you want to make this Port the official WAN port on your Sophos, activate the Web Interface on WAN Ports before applying this category to the Port. Otherwise you will be locked out.

    Credits:

Children
No Data