ASG 8.102 on Toshiba Magnia SG30

Well after installing 7.502 on my SG30 about a year ago I figured it was time to move up to v8 and see how well this old box could handle a little bigger load.  I went into it wanting to fix a few things that didn't make me happy that may have stemmed from how ASG was installed on the hard drive.

If you just want to get to the download and install it without reading the technical babble of what was involved, skip down near the smiley face towards the bottom and go for it!  Otherwise..... Read on for the rest of my messy, boring, nerdy post....

Instead of installing this from outside the SG30 I decided I wanted to run the installer from a modified CD on the SG30 itself, via a remote serial console.  Here's a rough outline of what was required to make that happen.

NOTE: If you don't already have a serial cable for your SG30, this is the one I picked up and I can say it works great with a null modem cable between the DB25 and the computer: Mac serial cable from Monoprice

The installer is based off the asg-8.102-2.1.iso with some modifications to make it usable on the SG30. For starters the syslinux boot loader has been modified to work with a serial console. (All serial communications are set at 115200,8,N,1)  All of the modifications to boot the installer properly were done to the "initramfs.gz" and "isolinux.cfg" file in the "isolinux" folder on the installer CD.  "Intro.txt" was also modified to reflect how to send F1 & F3 over the serial connection.

The onboard LCD should display some information to the user as to where it is in the installation process, "Running Astaro Installer" being the last thing displayed before the reboot occurs.

Support for the ethernet devices is already baked in but needed some modules loaded for them.  This was as simple as adding the e100 and 8139too modules at boot time, they'll also be loaded on the installed system then.

There are also several other modifications of the CD boot process that allow the installer to work over a serial redirected console. In the middle of the boot process before the installer starts it actually drops you to a bash prompt so you can make any modifications you'd like before launching the installer.  If you just want to continue on normally, type "exit" and enter and it will start the installer.

In the installer on a regular console you can switch between virtual terminals for the log and a shell prompt.  These are the ALT-F2 and ALT-F4 functions in the installer and the modifications I made render those screens unusable. By dropping to the shell prompt before launching the installer it will allow users to copy those files and others to make any other changes before going into the installer. 

After it's installed on first boot I've inserted a script that will setup the rest of the system. The /etc/init.d/rc3.d/S00boot.sglcd file is responsible for setting the system up for use and displaying the boot message on the LCD screen at startup. The other file to go along with the script is the tar archive: /home/login/magnia-lcd-support-files.tar.gz

S00boot.sglcd and the tar archive are the only files that are injected into the installed file system by the Astaro installer. These files were injected into the "install.tar" file located in the "install" folder on the CD. Basically at boot S00sglcd.boot quickly checks for 3 files on the system and if they're not there, it performs the needed action to install them. It does this at each boot so if Astaro makes changes, it should be able to recover itself after a reboot. 

One of the things is checks for is the existence of the /sa2 folder, if it's not found, it extracts the tar archive to /sa2 on the file system. Inside that folder are all the files required for LCD support along with other support files.  After the /sa2 folder is populated, start up scripts get copied and linked in /etc/init.d to handle the boot changes for the SG.  It's important to note that I focused on NOT modifying ANY of Astaro's preexisting bootup scripts this time.  I placed the links in the proper locations to give LCD feedback on the boot process and make the booting process as smooth as possible.

The included files and extras take up total about 4-5MB on the hard drive so space shouldn't be an issue.  There's also a customization PDF, and some other files some might be interested in rummaging through in the /sa2 path...

After your booted up you'll notice the LCD displaying the time and date, you can also press the soft button to get a switch view showing active ports on the back panel. The power button is also functional and will power the system off safely. When a power off is requested from the web admin portal it will send the needed commands to the LCD controller to power the box off as well. The LCD will show things like restarting and shutdown sequences, nothing crazy but it's not just sitting there displaying "BIOS POST!" the whole time.

Some of the boot process and LCD usage is logged, the front power button being a notable one. When a shutdown is initiated from the panel it places an entry in the Device Agent log. (Accessible from web admin) Also a few other things are logged there at startup, basically what the scripts see as the system comes to life.  Mostly this is just a "wait" state in the startup script to make sure the NICs are alive before reporting on the LCD that the system is "up."  I noticed a few times that the IPsec / L2TP daemon reported it wasn't running if the scripts didn't look for the NICs to be alive, easy fix for the problem.

After it's up and alive you should have a fully working ASG v8 system on your Toshiba Magnia!  I've been quite happy with it's performance with 1GB of ram on the box (maxed).  CPU usage hovers around 5-10% usage when just dealing with traffic and packet inspection,  nothing but update tasks get the cpu above 40-50%.

If you load this up, PLEASE come back and report your findings here!! Big Smile

You can get the CD image here: Toshiba Magnia Astaro v8 Install CD
(The image is across 3 RAR files that have recovery records with them, use WinRAR to repair them if recovery is needed)

If you're interested in any of the other SG related files I have: HaTaX's SG30 Files



Other thoughts on the SG30 running/installing ASG v8:

Someone posted how to make a bootable flash drive to install astaro from. I gave it a quick shot and didn't have much success with it on the SG30. It does support the boot from it so I'd guess with a little work it could be done. People may want to try and monkey with this, so the shell before the installer will allow you to get around the lack of being able to ALT-F2 inside the installer.  This might work better keeping in mind the ehci-hcd issue I had with the 3G modem.

I've been playing around with the 3G modem feature on the SG30 and it seems it will work quite well with just a few simple modifications.  I'll look into rolling these into a new installer soon.  Namely the ehci-hcd module is causing problems and made my system hang up at boot with my MiFi 2200 plugged in.  I added a script to run just before Astaro's S15 script that performs the usb_modeswitch on the device, and it looks like it resolves the issue and I can see it in the web interface.

Had an issue with v7 on the SG30 that would randomly come up with I/O journal errors and lock the system up.  I am hoping installing it directly on the hardware with all of the "stock" items loading correctly and functioning will help with this issue.  Most of the time this means a bad HDD, but I tried 3 different drives of which I know 2 are definitely good.  Just a reboot every week got around this so we'll see how v8 being properly installed helps make it over 7-10 days.
  • In reply to Raymond Day:

    The SG30-Ubuntu-Server-910.img.part22 file must be corrupt on there. Because it did let me down load the SG30-Ubuntu-Server-910.img.part23 one.

     

    Does any one have them still to up load the bad SG30-Ubuntu-Server-910.img.part22 up there again?

     

    -Raymond Day

  • In reply to Raymond Day:

    If you want to load Sophos UTM software on the Toshiba, go to UTM Support Downloads and download an asg image, not an ssi.  You do not need to load Ubuntu on the Toshiba in order to load UTM software.  If your intent is simply to use the Toshiba with Ubuntu installed, then the members of this forum are unlikely to be of help to you.

    Cheers - Bob

  • In reply to BAlfson:

    Downloaded the UTM from your link the top one ISO but it is to big to fit on a CD-R I had to burn it to a DVD-R. But the USB drive I have is only a CD one.

    Guess I have to set the BIOS up any why still waiting for the RS-232 cable. Seems like it's not set up to boot from the hard drive any more.

    Because I have a old SG30 image. I put that SSD on my SG20 and it boots up and works! But if I put it in the SG30 just go to BIOS POST!

    -Raymond Day

  • In reply to Raymond Day:

    I did get the RS232 cable but just got junk on the terminal. just a few letters.

    Got a VGA ribbon cable and used a VGA video card.

    I can see it boot then. Seems like all I had to do is press enter on the keyboard I know have on it with the power supply hanging out some.

    So it is working now. I set up it's IP and stuff on the port 8282.

    Have a 250GB hard drive in it but it only sees it as a 32GB. Is there a way to make it use the full size?

    Can SSH to it. This shows some info.

    [root@myserver30 /]# fdisk -l

    Disk /dev/hda: 255 heads, 63 sectors, 30401 cylinders
    Units = cylinders of 16065 * 512 bytes

    Device Boot Start End Blocks Id System
    /dev/hda1 * 1 261 2096451 83 Linux
    /dev/hda2 262 414 1228972+ 83 Linux
    /dev/hda3 415 4831 35479552+ 83 Linux
    /dev/hda4 4832 30402 205393576+ 5 Extended
    /dev/hda5 4832 4864 265041 82 Linux swap
    /dev/hda6 4865 30402 205126656 83 Linux
    [root@myserver30 /]# mount /dev/hda6 /home2
    mount: wrong fs type, bad option, bad superblock on /dev/hda6,
    or too many mounted file systems
    [root@myserver30 /]# mount /dev/hda4 /home2
    mount: error while guessing filesystem type
    mount: you must specify the filesystem type
    [root@myserver30 /]# df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/hda1 2.0G 689M 1.1G 36% /
    /dev/hda3 33G 33M 31G 1% /home
    none 503M 0 503M 0% /dev/shm
    /dev/hda2 1.2G 87M 1.0G 8% /var
    [root@myserver30 /]#

    I did put a Boot Ubuntu server USB on it but the VGA just has a flashing _ in the top left corner. I think need a 32bit Ubuntu server and they stop making that.

    -Raymond Day

  • In reply to Raymond Day:

    After all this time can download all the Ubuntu server for the SG30 but when putting it together get errors like this:

    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part05.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part11.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part13.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part23.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part26.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part31.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part39.rar: Checksum error in SG30-Ubuntu-Server-910.img.gz. The file is corrupt

    I guess the download place it not very good. I even said fix it and it says getting new key but still corrupt.

    -Raymond Day

  • In reply to Raymond Day:

    Got this SSD in my SG20 it can in a SG30 too. Can put the cover on but have to left up on it just a little to slide the top on. Got the SATA to IDE on Amazon. Just $9 for it.

  • In reply to Raymond Day:

    Here is a link to my Google photo's with one from the BIOS screen of the SG30. I got a ribbon cable and put a video card in it. So can get this screen.

    https://photos.app.goo.gl/NGQeUnNvBponYaLA9

    It shows you the keys you can press to boot in to things.

    -Raymond Day

  • In reply to Raymond Day:

    Just checked it again I downloaded just the corrupt files again. But WinRAR says the same testing them. The same files are still all corrupt!

    I thought with all this time maybe it be fixed. Why do they even have them files up there if they are corrupt can't use them.

    -Raymond Day

  • In reply to Raymond Day:

    I installed the Toshiba Magnia Astaro v8 Install CD it took a long time I thought it was locked up but the CD open and it had a clock on it's LCD display.

    Got a ribbon cable to a VGA card. I log in to it with root and no password.

    I did a ifconfig and and it's eth0 is set to 192.168.0.1 how do I change it. I set it to what should work with "ifconfig eth0 192.168.86.5 netmask 255.255.255.0"

    Can only ping it's IP. I got the Ethernet plug in one of it's 7 ports when I plug it in the 1 port I could get get a ping from it.

    How can I set a IP and get it to save it?

    -Raymond Day

  • In reply to Raymond Day:

    Checked all it's open ports I have the Ethernet plug in port 7. Only port 4444 if open.

    nmap -PI 192.168.86.5

    Starting Nmap 7.60 ( https://nmap.org ) at 2020-02-02 10:48 EST
    Nmap scan report for 192.168.86.5
    Host is up (0.00019s latency).
    Not shown: 999 filtered ports
    PORT STATE SERVICE
    4444/tcp open krb524
    MAC Address: 00:10:C6:1F:5A:B3 (Universal Global Scientific Industrial)

    Nmap done: 1 IP address (1 host up) scanned in 8.43 seconds

     

    I went to http://192.168.86.5:4444/ but it says this page isn't working

     

    How do I set this ASG up?

     

    -Raymond Day

  • In reply to Raymond Day:

    I had to go to https://192.168.86.5:4444 and can set it up there doing that now.

    So just had to put in the https not just http.

    -Raymond Day

  • In reply to Raymond Day:

    The ASG worked good and I DD back it up after I set it up some.

    But I still like to install a Ubuntu server on it.

    Got a VGA card on it with a cable so I can still have the top board plug in. There is one IDE plug in it and I plug a IDE cable in it and put the HDD and DVD ROM drove on the 2 ports of the cable.

    It works good. Installed Ubuntu server 32 bit on it. But it still don't boot. It's says no boot sector found or other installs said boot sector out of range.

    Guess tested about 10 installs now and after done just don't boot.

    Any one know how could get this to work. I guess have to make some small partition at the start of the HDD and put the boot on that partition and maybe it has to be a FAT32 partiton. Not sure if so how would I do that?

    To bad the ISO Ubuntu server is corrupt about 5 or more files when trying to put them together in a ISO.

    Did any one else make a ISO of this long ago when or if it ever worked?

    -Raymond Day

  • In reply to Raymond Day:

    I got Ubuntu 18.04.4 LTS installed on my SG30!

    Started with I think Ubuntu 10 32-bit or i386 and the 1st version update. Had to run a fix system and picked to fix grub. From then on it booted and found out they have no i386 ISO so have to update it to 18.04.4 LTS. I guess next month can update it to 20.04.

    But I don't have the LCD working. I got the programs out of the Astaro Security Gateway V7 but it has RPM's in it and will not work on Ubuntu server. Installed that on a 32GB SD card and put that card in my other Ubuntu server and did 2 copy commands like this:

    rsync -avP /media/m/etc/init.d/boot.d/S00boot.sglcd root@sg30:/etc/init.d/

    rsync -avP /media/m/home/login root@sg30:/home/

    But like I said it has RPM's in it and so it will not work on Ubuntu server.

    In the Yahoo GS30 grape they had a LCD script for the SG30 but I never downloaded it. Any one have that. It my work for Ubuntu server.

    It just be nice to have the switch and LCD working on this. Don't really need it.

    To bad the Linux download link here are messed up. When unzipping them says error on like 5 or more of the files.

    -Raymond Day