UTM running as a VM, swapped out a NIC, now can't access webadmin

So, my VMware server shut down.  It wouldn't turn back on, but long story short, the multi-interface NIC I was using stopped working, forcing me to swap it out for another.

I had to reconfigure the VMs to utilize the new NIC.  The other two VMs have no issue, but my UTM VM does.  

I cant access webadmin.   The local address I used to manage the UTM through webadmin ended in .223, but now the console says to connect on the .202 address, which I have no clue how it got.  (VMware shows the UTM to have both the .223 and .202 addresses.) However, I can't connect to the .202 address using h***s://x.x.x.202:4444, i can't ping the address, nor can I access it using SSH (nor can I to the .223 address).

I'm at a complete loss as to what to do.

Is there any way to break the boot up sequence to fix the configuration?

Any and all help will be greatly appreciated.

  • So, I managed to access the system using the console (esc, edit init=/bin/bash).

    It appears that the UTM has no interfaces (other than the loopback). When I run lspci I see two Ethernet Controllers (VMXNET3).

    I guess the question is how to add them.  I'll admit, my linux knowledge is limited, so I followed some tutorial about adding them to /etc/networks and rebooting (didn't know how to restart the services), but that didn't solve the problem.

  • In reply to xyyz 2000:

    I wonder if just editing and saving your VM might not fix this issue.  If not, ...

    Is the subnet from which you are accessing in one of the networks listed by cc get WebAdmin allowed_networks?  If you want more detail about a network 'REF_NetIntInterNetwo', try cc get_object 'REF_NetIntInterNetwo'.

    If that shows you that "Internal (Network)" is the name of the network, try cc get_object_by_name interface ethernet 'Internal'.  Assuming the value of 'itfhw' is REF_IntEth?????, show us what you get with cc get_object REF_IntEth?????.

    Also, show us: cat /etc/udev/rules.d/70-persistent-net.rules

    Cheers - Bob

  • Hello,

     

    i got a simliar problem with my UTM 9.605-1, the appliance runs on an ESXI 6.7 Update 2 and has 3 NICs (vmxnet3) configured. When i add another interface (same configuration but other vlan) i get no access on the WebAdmin (after shutting down and rebooting), i cannot ping any of the ip addresses - only the local console works and ifconfig shows me 3 up and running interfaces with correct ips.

    How can i add another interface to my UTM? In the past i added new intarfaces just i tried now and back then it worked perfect... 

     

    Kind regards

  • In reply to Julian Abraham:

    Hallo Julian and welcome to the UTM Community!

    What results do you get with my suggestion above?

    Cheers - Bob

  • In reply to Julian Abraham:

    adding more interfaces in esx 6.7 seems to dice the interface order once after rebooting the Linux VM.

    In several Linux VMs I had to tcpdump to find what VLAN is connected to what interface and then change the assigned VLANs in ESX or set the corerect IP/networks to my interfaces

  • In reply to papa_:

    Finally i got the interfaces back online the way they are supposed to: While adding a new NIC to the virtual machine the host indeed messes up with the vlan-assignment. I had to disable all interfaces and by tinkering around with the vlan\network-settings in vsphere i got them back - in a differet order.

    Thanks for your help!

  • In reply to BAlfson:

    Thank you for the response!  Sorry for the delay.  I was traveling for a couple of weeks.

    I'll give your suggestions a try and see what happens.

    ----

    So, cc doesn't work.  As for cat /etc/udev/rules.d/70-persistent-net.rules , this is the result:

  • In reply to xyyz 2000:

    You have to be logged in as root to be able to use cc.

    Are you using VMXNET3 NICs for the VM hosting UTM?  There are known problems with the others.

    Cheers - Bob

  • In reply to BAlfson:

    Hello,

    I am logged in as root though.  I am using VMXNET3.

  • In reply to BAlfson:

    after scouring a while, I found something.

    modprobe vmxnet3 seems to install the drivers, so that they're recognized when I do ifconfig -a.  this hasn't solved the problem, unfortunately.  there are two issues.  first, when I reboot, I lose the interfaces, forcing me to run the command again.  second, while I can bring the interface up, assign it an IP address, and ping it, I cannot access webadmin.  I get the following error:

  • In reply to BAlfson:

    nothing should be this complicated to get working.  i restarted httpd, and I got webadmin to load but not without issues.  i'm getting the backend problem when the page loads.  I refreshed.  i restarted httpd several times.  I also tried different browsers.

     

  • In reply to xyyz 2000:

    You have to run the commands I list above as root on the command line of the UTM, not in VMware.

    Cheers - Bob

  • In reply to BAlfson:

    Hello Bob,

    I am running them on the UTM, not the VMWare box.

    Just to recap.  I was able to access the UTM by editing the way it booted.  So, while this is a virtual machine, I am not doing anything with VMware.  I am using VMware to access the console - interrupt the boot process the access the console using the method outline here:

    https://community.sophos.com/kb/en-us/115346

    So, unless I'm not understanding what you're asking, none of the output here is from the ESXi box itself.  It's all from the SophosUTM virtual machine.

    Unless you have another method for me to access the SophosUTM VM, given that it will not recognize and use the ethernet interfaces, this is the only way I know how to do it.

  • In reply to xyyz 2000:

    Don't interrupt the boot process.  Wait until that's finished and then login on the console as root.  Or won't the boot process complete?

    Cheers - Bob