Can someone verify my intentions? UTM Home, VM, SuperHub + AP

Hi there,

Apologies if this sort of question has been asked to death but I would like to verify my intentions before I go out and buy any additional hardware, in case I'm barking up the wrong tree. I have years of experience with servers but networks are not my strong point.

I am looking to utilize UTM Home as a way of providing better management, security and filtering of my home web traffic. Using the internet in my home are a number of wireless devices including phones, tablets, laptop, PC; I also have a wired-in Media Center and PlayStation. I would like to achieve this as cost-effectively as possible...

I have Virgin Media and a SuperHub; this sits near my Windows 10 media center PC, which is wired in and always on. This PC has 2x gigabyte Ethernet ports (Realtek and Marvell). If possible, I would like to run UTM as a VM on the Media Center (VMware Workstation 12, as mobo doesn't support Hyper-V).

As I understand it I would need to:

  • Pop the SuperHub into Modem mode; this then only makes one port live
  • Connect that port to the External configured port on the PC (virtual UTM).
  • For WLAN AP and internal switch I have my eye on a TP Link TL-WR1043ND. This will have the Internal UTM port connected to one of the 4x ports
  • Would I need to utilize OpenWrt on the WLAN AP? 
  • DNS and DHCP will be configured within UTM
  • All internal devices will be set to use the internal UTM port IP as the gateway.

How does this sound so far?

Would this offer the control of wireless devices (thinking possible restrictions to the kids' access down the road but not immediately required)?

Regarding setting the virtual networks up within workstation, I assume the external port will be a 'directly connected' configured vmnic (likely the Marvell port), the internal one shared with the host. 

Any comments on my rationale would be appreciated! I know having a dedicated PC for UTM is best but the media center is always on and has 2 ports - it's just dying to be utilized (Quad-core, 8GB RAM).

Thanks in advance!



This thread was automatically locked due to age.
  • Hi and welcome,
    I am not sure how you plan to access the media centre as well as the UTM with only two ports available? Do you plan to install a VM of some sort then install the media centre and the UTM as guests? The Windows device will kill the UTM every time you get a Windows update because the W10 will want a restart. Of course you can schedule the automatic installation and restart at say 3am.
    The Realtek should be your external interface because it is a very low performance device and puts a load onto the CPU. You will need to make sure nothing else is using that external interface.
    Assign at least one CPU (preferably two) and 4GB of RAM to the UTM.
    You will not be able to manage the AP from the UTM. The UTM only supports the Sophos branded APs.
    Does the media centre have the ability to make a virtual console so you can install the UTM?


    ian

    Ian,

    home UTM 9.x running in ESXi 6 e3-1275v2

    AP55c and AP10 (courtesy Astaro)

    Three other UTMs, SUM and SFM in hibernation

    XG 15.x MR3 in hibernation

  • Hi Ian,
    Thanks for the response.
    Yes, the Windows 10 Media Center will have the UTM as a guest. When you create a VM in Workstation it has a console for the initial install of UTM. Once I have it up and running I'll set the IP of the media center in the same range as the internal UTM IP and get on to the web interface from there.
    Yes, reboots of the Media Center will need to be managed carefully. I'll set the UTM VM to auto start with Windows (the Media Center already auto logs in and fires up my media software etc).
    The external UTM port will be dedicated to UTM, with the intention of the internal UTM being presented on the other, shared NIC. I have already tested this aspect.
    I'll test in part the prospects of this setup and configure the SuperHub, UTM VM etc as, if the media center can't get to the internet post work, I'll have to have a think anyway. I have a spare switch I can test the inclusion of other devices on the LAN.