Intel I219-LM network interface card not detected

Hi Adrian and welcome to the UTM Community!

I don't know if there's a newer one, but the Hardware Compatibility list pdf from 2016 does not list the I219.

According to a post in the Unofficial HCL, it still wasn't supported a year ago.

The two cards don't need to be identical, but you do need to reload from ISO after you add a different device as the only drivers loaded are the ones for the devices found at the time of installation.

Cheers - Bob

Thank you BAlfson for your reply. I wonder how cryptochrome got it working. I'm cross with myself that I didn't dig deeper.

I did see a post eluding to the fact that Sophos consider the L219 NIC a consumer product. Interesting, considering I've seen SuperMicro Xeon boards with the same NIC.

So where do I go from here. Is it possible to load in the drivers? I've seen various posts, some say it's possible, some say not, some advise against it as this is a security appliance and has to be compiled in with the compile tools that Sophos have. Either way, I haven't found a noob step-by-step on how one might add ones own drivers.

Is there any scope in trying to pay Sophos to add these drivers. If they haven't added it since 2016, I don't see they're going to do it now, unless they have an incentive.

I suppose I can use my build for something else and go for something else like the Fortinet 60E which will mitigate issues with vendor / hardware support.

Thanks again.

W.

I don't recall hearing of anyone adding an unsupported driver, so I think it's either add a NIC or shift to a different tool.  You might check out the XG.  It's a different approach than the UTM, but is probably a great tool if you're starting from scratch.  That said, I don't know if it supports the I219.

Cheers - Bob

Thanks BAlfson 

As far as I can tell, it's the same issue with XG. The I219 is considered consumer grade.

I have had a thought though, what stops me installing XG or UTM on top of a hypervisor such as ESX?  I have installed UTM on ESX before, so I know UTM supports ESX drivers and I know I can get the I219 driver to work with ESXi 6.5. 

The reason for the small ITX form factor is so that it can be physically located next to my router and I believe this would solve the problem.

Thanks

W. 

Great idea, Adrian!  I guess these little boxes can handle ESXi - that's an obvious answer.  I don't work with anything other than Sophos, HP and VMs on big boxes, so I hadn't thought of that.

Install on Suse Enterprise 11 64-bit with VMXNET3 adaptors.

Cheers - Bob

That's a reasonable work around.  Been running utm under exsi 6.5 since last September without much issue.

What you lose in performance you gain by being able to run multiple servers on the same machine (maybe a pbx?)

I upgraded to fiber a few weeks ago.  The transition was seamless.  Now, I'm trying to rid myself of having traffic tunneled through the att gateway, instead I want it to go UTM <> ONT.  Running into issues where exsi doesn't pass vlan 0 to the vm's.  While utm doesn't support vlan 0 in the UI, it's possible to configure it through ssh.  Of course there are many other issues and it's a huge work in progress.  This of course is an unsupported configuration and it's not even known if this will be workable.

For home use, 4GB of ram should be plenty.  Core allocation depends on how much data processing you want to do.  I'm running an i5 5250 (dual core w/ hyperthreading), all 4 cores assigned.  It can handle wan speeds of upto ~250-300 mbps overall with full intrusion protection enabled.  Certain exclusions had to be made to achieve full bandwidth (gigabit fiber). No inspection on vpn connections or 443 outbound traffic.  This still allows relatively decent protection without compromising speed.  You'll need to do your own testing to determine what work in your application.

Hi Jay Jay,

Thanks for the info.

I'm not intending on running any other VMs on this box which has an i5-7400 CPU and 16GB of RAM, but I won't say never!

I've actually installed XG at this point. XG seems to be the new UTM, (although, I understand UTM is not going anywhere any time soon) and my plan is to create a "bump-in-the-wire", replacing the firewall or ACL feature of my Cisco C897VAW router, so I've got to bridge the ADSL or dialer interface with an Ethernet interface which will connect up to the "dirty" port on the XG and the clean port will connect to the WAN interface, where all the Layer 3 stuff is done. PPPoE will be done on the XG.

At this point, I have no idea how it will perform and even if it will work, although research and asking questions on here and on other forums, suggest it should be possible. The Cisco guys look at me as though I'm nuts.

If I end up having to disable too many features from the C897VAW, I might sell it and get a plain ADSL modem, an AP and a small PoE switch.

I've just got to find the time to down my broadband and reconfigure the router...

Thanks

W.

Hi Jay Jay,

Thanks for the info.

I'm not intending on running any other VMs on this box which has an i5-7400 CPU and 16GB of RAM, but I won't say never!

I've actually installed XG at this point. XG seems to be the new UTM, (although, I understand UTM is not going anywhere any time soon) and my plan is to create a "bump-in-the-wire", replacing the firewall or ACL feature of my Cisco C897VAW router, so I've got to bridge the ADSL or dialer interface with an Ethernet interface which will connect up to the "dirty" port on the XG and the clean port will connect to the WAN interface, where all the Layer 3 stuff is done. PPPoE will be done on the XG.

At this point, I have no idea how it will perform and even if it will work, although research and asking questions on here and on other forums, suggest it should be possible. The Cisco guys look at me as though I'm nuts.

If I end up having to disable too many features from the C897VAW, I might sell it and get a plain ADSL modem, an AP and a small PoE switch.

I've just got to find the time to down my broadband and reconfigure the router...

Thanks

W.