Staging UTM 9 for PPPoE on eth7

Hi, Mark, and welcome to the UTM Community!

Sorry, your description lost me.  A diagram might help, but it sounds like you're talking about trying to set something up for a remote site on a machine in use at your site - color me confused.

Cheers - Bob

I'm not really sure how I could do a diagram of how to stage something for a remote site. Does this help?

I want to setup the UTM 9 at a staging site in such a way that when it the remote site plugs it in there is no configuration necessary. However currently I can't configure eth0 for the remote site. When eth0 is plugged in I can get to the web managment at either 10.0.0.1 or 10.0.0.2 but if I disconnect eth0 I can't get to 10.0.0.2 even though it's still connected to eth7.

Does that make sense?

Honestly, all but one of the installations I've done over the years has not been onsite or on a device drop-shipped to my client. Where I don't think the local admin will be able to do the five-minute initial-setup wizard, I've done an initial configuration in a VM and then sent a backup and a license to the site where it's then easy to restore the backup to their device and apply the license.

WebAdmin is a GUI that manipulates databases of objects and settings.  A single change there can cause the Configuration Daemon to rewrite hundreds of lines of the code used to run the UTM.  There's a lot happening under the covers that isn't apparent.

You're probably creating a routing nightmare by having two interfaces with 10.0.0.x defined as WebAdmin creates routes automatically based on the subnets defined on its interfaces.  Just configure eth0 for 10.0.0.1/24 and delete the Interface defined on eth7.  You will want them to use eth0 for their LAN at the new site.

My usual recommendation is for internal subnets to be in the 172.16.0.0/12 range.  Reserve 192.168.0.0/16 for public hotspots and home users.  Reserve 10.0.0.0/8 for giant multinationals, ISPs, etc.

Any better luck now?

Cheers - Bob

Honestly, all but one of the installations I've done over the years has not been onsite or on a device drop-shipped to my client. Where I don't think the local admin will be able to do the five-minute initial-setup wizard, I've done an initial configuration in a VM and then sent a backup and a license to the site where it's then easy to restore the backup to their device and apply the license.

WebAdmin is a GUI that manipulates databases of objects and settings.  A single change there can cause the Configuration Daemon to rewrite hundreds of lines of the code used to run the UTM.  There's a lot happening under the covers that isn't apparent.

You're probably creating a routing nightmare by having two interfaces with 10.0.0.x defined as WebAdmin creates routes automatically based on the subnets defined on its interfaces.  Just configure eth0 for 10.0.0.1/24 and delete the Interface defined on eth7.  You will want them to use eth0 for their LAN at the new site.

My usual recommendation is for internal subnets to be in the 172.16.0.0/12 range.  Reserve 192.168.0.0/16 for public hotspots and home users.  Reserve 10.0.0.0/8 for giant multinationals, ISPs, etc.

Any better luck now?

Cheers - Bob

There are on routing problems having both interfaces on the same subnet. The remote site's subnet isn't the same as the staging site. The client would rather not pay to have me fly to Amsterdam for the 5 minutes of work required to do the configuration. If this was a Cisco FW I could setup up without problems, and have it configured based on my needs. It blows me away that no one has thought to set this up to allow it to be staged before being sent out to a remote site...

You have a PM, Mark.

Cheers - Bob

Not for this project, no.