Thread Info
  • State Suggested Answer
  • +7 person also asked this people also asked this
  • Locked Locked
  • Replies 19 replies
  • Answers 3 answers
  • Subscribers 37 subscribers
  • Views 39287 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Installation image (ISO) not UEFI bootable

Matt Brossett

The motherboard I am using only supports UEFI OS. When I attempt to create a USB boot drive using Rufus with "GPT partition scheme for UEFI" setting I get the error...

"Unsupported ISO - When using UEFI Target Type, only EFI bootable ISO images are supported. Please select an EFI bootable ISO or set the Target Type to BIOS"

 If I use the MBR partition scheme for UEFI, the server will not recognize the boot drive. Win32DiskImager and Etcher did not work either. I also used IPMI to mount the ISO but it still wasn't recognized.

Does Sophos have an ISO that is EFI bootable? I am using a new SuperMicro SuperServer E200-9A. Their support says I must use a EFI bootable ISO and GPT partition scheme. Does anyone have a solution to this problem?



This thread was automatically locked due to age.
  • 0 in reply to Ciprian Hutiu

    Ciprian Hutiu said:

    This doesn't seem like an option, messing around with HW setups in countless hours of slaloms between and around errors, when all you wanna do is get the SW installed in a few minutes, then better use all that previously wasted time to setup, test and etc. the (new) firewall.

     

    Considering I'm coming from UTM, where this was not an issue, I completely agree, but I also can appreciate that they can't pre-certify their OS with every possible piece of hardware out there.

     

    Ciprian Hutiu said:

    It might be cheap as in free for home users, it might be evaluated for 30 days for businesses, but in the end of the day, if my boss get to hear from me about Sophos, and what a cool and marvelous piece of software it is, but also finds out that I have to struggle for days/ weeks with installation on (too) newer HW, he will seriously rise at least an eyebrow toward my marketing/ sales pitch! :(

     

     

    In my case, I ended up switching to a different Supermicro box, which solved the problem ( a 1019S-WR ). To continue testing with the E200-9A I have simply added a layer of virtualization using proxmox and an running XG as a VM. I realize there may be a slight performance penalty for this, but giving the scale of the deployment it will also be a good way to test performance in a virtualized environment, since XG lets you run an Active-Passive HA configuration for free and a VM would be a good candidate.

     

    Eventually though, all of this boils down to whether or not Sophos will fix this. I looked at the beginning of this thread and noticed you did not click the "I have this question", would you please do so? If it is important to you then casting your vote with us will probably help Sophos recognize the problem, or at least respond with an answer as to why they're not fixing this.

  • 0 in reply to jonw

    jonw said:
    but I also can appreciate that they can't pre-certify their OS with every possible piece of hardware out there.

    Where did I say such a thing? :) I'm only reffering to UEFI compatibility. Pure and standard UEFI. Which there is not. You have to have a certain type of CSM in order for the ISO to successfully boot, but CSM means Compatibility, which means that Sophos is not trying to align to the standard (UEFI), but rely on OEMs to implement the appropriate compatibility module (CSM).

    Just make the ISO a standard UEFI ISO (beside the older standard BIOS), and I'm happy with it. I never talked about specific HW or specific implementations, just standard UEFI.

    jonw said:
    you did not click the "I have this question", would you please do so?

    Just did it, thank you for the reminder.

  • 0 in reply to Ciprian Hutiu

    Did this ever get resolved?  I just downloaded the latest software appliance iso which also lacks uefi boot ability.

  • 0 in reply to Jay Jay

    Unfortunately no,

    I ended up going with pf sense.  I understand that this may not be a factor for their UTM product.  You might try that.  Just realize the licensing is different.  It is not licensed by proc cores and RAM.  Instead it is by devices or DHCP ips (50) for the free version as I understand it.  That may be a deal breaker with as many devices as we have now with IOT devices, phones, routers etc.  It was for me.  The only other suggestion I can give is the same that was given to me.  Try pfSense.  It may not be as easy to use as Sophs products but it has gotten alot better with not having to leave the console for daily config tasks and monitoring.  The only thing I am waiting for on pfSense is for the 10gig  ports to be recognized.  UEFI and 1gig ports are not a problem.  Hope this helps.

  • 0 in reply to Stephen Stacha

    Stephen Stacha said:
    The only thing I am waiting for on pfSense is for the 10gig  ports to be recognized

     

    Take a quick look at OPNsense (a more than 3 years older fork of pfSense). No problem on 10 gig HW for me.

    Let alone the fact that I find OPN much more polished than pf.

     

    Cheers, good luck!

    (@all, sorry for the off-topic)

  • 0

    Why after all this time, is this still not solved? How hard can this possibly be? It would be a huge win to resolve this and with so little effort.

  • 0

    I just downloaded and installed Untangle v16 beta... It has UEFI install and boot as of v16... choice what to use with my SuperMicro Denverton MB has been made

  • +1 in reply to BanksDad

    Hi,

    the issue is not seen as a high priority because the issue only affects non paying customers in the majority.

    Ian

  • 0 in reply to rfcat_vk

    I imagine this is speculation on your part. That would be foolish considering that even the free users bring value to the product. I have advocated for sophos in my company because of the fact that I have been a longtime home user. Ignoring the voice of us means they could lose paying customers as well.