This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASG 8.102 on Toshiba Magnia SG30

Well after installing 7.502 on my SG30 about a year ago I figured it was time to move up to v8 and see how well this old box could handle a little bigger load.  I went into it wanting to fix a few things that didn't make me happy that may have stemmed from how ASG was installed on the hard drive.

If you just want to get to the download and install it without reading the technical babble of what was involved, skip down near the smiley face towards the bottom and go for it!  Otherwise..... Read on for the rest of my messy, boring, nerdy post....

Instead of installing this from outside the SG30 I decided I wanted to run the installer from a modified CD on the SG30 itself, via a remote serial console.  Here's a rough outline of what was required to make that happen.

NOTE: If you don't already have a serial cable for your SG30, this is the one I picked up and I can say it works great with a null modem cable between the DB25 and the computer: Mac serial cable from Monoprice

The installer is based off the asg-8.102-2.1.iso with some modifications to make it usable on the SG30. For starters the syslinux boot loader has been modified to work with a serial console. (All serial communications are set at 115200,8,N,1)  All of the modifications to boot the installer properly were done to the "initramfs.gz" and "isolinux.cfg" file in the "isolinux" folder on the installer CD.  "Intro.txt" was also modified to reflect how to send F1 & F3 over the serial connection.

The onboard LCD should display some information to the user as to where it is in the installation process, "Running Astaro Installer" being the last thing displayed before the reboot occurs.

Support for the ethernet devices is already baked in but needed some modules loaded for them.  This was as simple as adding the e100 and 8139too modules at boot time, they'll also be loaded on the installed system then.

There are also several other modifications of the CD boot process that allow the installer to work over a serial redirected console. In the middle of the boot process before the installer starts it actually drops you to a bash prompt so you can make any modifications you'd like before launching the installer.  If you just want to continue on normally, type "exit" and enter and it will start the installer.

In the installer on a regular console you can switch between virtual terminals for the log and a shell prompt.  These are the ALT-F2 and ALT-F4 functions in the installer and the modifications I made render those screens unusable. By dropping to the shell prompt before launching the installer it will allow users to copy those files and others to make any other changes before going into the installer. 

After it's installed on first boot I've inserted a script that will setup the rest of the system. The /etc/init.d/rc3.d/S00boot.sglcd file is responsible for setting the system up for use and displaying the boot message on the LCD screen at startup. The other file to go along with the script is the tar archive: /home/login/magnia-lcd-support-files.tar.gz

S00boot.sglcd and the tar archive are the only files that are injected into the installed file system by the Astaro installer. These files were injected into the "install.tar" file located in the "install" folder on the CD. Basically at boot S00sglcd.boot quickly checks for 3 files on the system and if they're not there, it performs the needed action to install them. It does this at each boot so if Astaro makes changes, it should be able to recover itself after a reboot. 

One of the things is checks for is the existence of the /sa2 folder, if it's not found, it extracts the tar archive to /sa2 on the file system. Inside that folder are all the files required for LCD support along with other support files.  After the /sa2 folder is populated, start up scripts get copied and linked in /etc/init.d to handle the boot changes for the SG.  It's important to note that I focused on NOT modifying ANY of Astaro's preexisting bootup scripts this time.  I placed the links in the proper locations to give LCD feedback on the boot process and make the booting process as smooth as possible.

The included files and extras take up total about 4-5MB on the hard drive so space shouldn't be an issue.  There's also a customization PDF, and some other files some might be interested in rummaging through in the /sa2 path...

After your booted up you'll notice the LCD displaying the time and date, you can also press the soft button to get a switch view showing active ports on the back panel. The power button is also functional and will power the system off safely. When a power off is requested from the web admin portal it will send the needed commands to the LCD controller to power the box off as well. The LCD will show things like restarting and shutdown sequences, nothing crazy but it's not just sitting there displaying "BIOS POST!" the whole time.

Some of the boot process and LCD usage is logged, the front power button being a notable one. When a shutdown is initiated from the panel it places an entry in the Device Agent log. (Accessible from web admin) Also a few other things are logged there at startup, basically what the scripts see as the system comes to life.  Mostly this is just a "wait" state in the startup script to make sure the NICs are alive before reporting on the LCD that the system is "up."  I noticed a few times that the IPsec / L2TP daemon reported it wasn't running if the scripts didn't look for the NICs to be alive, easy fix for the problem.

After it's up and alive you should have a fully working ASG v8 system on your Toshiba Magnia!  I've been quite happy with it's performance with 1GB of ram on the box (maxed).  CPU usage hovers around 5-10% usage when just dealing with traffic and packet inspection,  nothing but update tasks get the cpu above 40-50%.

If you load this up, PLEASE come back and report your findings here!! [:D]

You can get the CD image here: Toshiba Magnia Astaro v8 Install CD
(The image is across 3 RAR files that have recovery records with them, use WinRAR to repair them if recovery is needed)

If you're interested in any of the other SG related files I have: HaTaX's SG30 Files



Other thoughts on the SG30 running/installing ASG v8:

Someone posted how to make a bootable flash drive to install astaro from. I gave it a quick shot and didn't have much success with it on the SG30. It does support the boot from it so I'd guess with a little work it could be done. People may want to try and monkey with this, so the shell before the installer will allow you to get around the lack of being able to ALT-F2 inside the installer.  This might work better keeping in mind the ehci-hcd issue I had with the 3G modem.

I've been playing around with the 3G modem feature on the SG30 and it seems it will work quite well with just a few simple modifications.  I'll look into rolling these into a new installer soon.  Namely the ehci-hcd module is causing problems and made my system hang up at boot with my MiFi 2200 plugged in.  I added a script to run just before Astaro's S15 script that performs the usb_modeswitch on the device, and it looks like it resolves the issue and I can see it in the web interface.

Had an issue with v7 on the SG30 that would randomly come up with I/O journal errors and lock the system up.  I am hoping installing it directly on the hardware with all of the "stock" items loading correctly and functioning will help with this issue.  Most of the time this means a bad HDD, but I tried 3 different drives of which I know 2 are definitely good.  Just a reboot every week got around this so we'll see how v8 being properly installed helps make it over 7-10 days.


This thread was automatically locked due to age.
Parents
  • I have a SG30 and the hard drive is bad so need a image or CD. The link you give for them  http://www.mediafire.com/?aiev3pm81p56a wants $90 a year and I just need to download 1 file.

    Is there any place else to download the rescue CD or a image?

    I think I like the rescue CD because want to have a SSD in this can get like a 500GB SATA SSD for about $50 today. But need a SATA to IDE and I have that. Just need to install the OS on it now.

    -Raymond Day

  • Hi Raymond and welcome to the UTM Community!

    That link contains the ISOs for a software version 8 - probably not what you want.  If you have an SG appliance, you will want to choose an ssi (hardware) version from UTM Support Downloads.  If you are having problems with the hard drive in your SG, do not open the case!  Doing so will void the warranty.  I would urge you to contact your reseller immediately.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • After all this time can download all the Ubuntu server for the SG30 but when putting it together get errors like this:

    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part05.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part11.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part13.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part23.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part26.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part31.rar: Packed data checksum error in SG30-Ubuntu-Server-910.img.gz. The volume is corrupt
    ! C:\Users\raymo\Documents\Download\SG30-Ubuntu-Server-910.img.part39.rar: Checksum error in SG30-Ubuntu-Server-910.img.gz. The file is corrupt

    I guess the download place it not very good. I even said fix it and it says getting new key but still corrupt.

    -Raymond Day

  • Got this SSD in my SG20 it can in a SG30 too. Can put the cover on but have to left up on it just a little to slide the top on. Got the SATA to IDE on Amazon. Just $9 for it.

  • Here is a link to my Google photo's with one from the BIOS screen of the SG30. I got a ribbon cable and put a video card in it. So can get this screen.

    https://photos.app.goo.gl/NGQeUnNvBponYaLA9

    It shows you the keys you can press to boot in to things.

    -Raymond Day

  • Just checked it again I downloaded just the corrupt files again. But WinRAR says the same testing them. The same files are still all corrupt!

    I thought with all this time maybe it be fixed. Why do they even have them files up there if they are corrupt can't use them.

    -Raymond Day

  • I installed the Toshiba Magnia Astaro v8 Install CD it took a long time I thought it was locked up but the CD open and it had a clock on it's LCD display.

    Got a ribbon cable to a VGA card. I log in to it with root and no password.

    I did a ifconfig and and it's eth0 is set to 192.168.0.1 how do I change it. I set it to what should work with "ifconfig eth0 192.168.86.5 netmask 255.255.255.0"

    Can only ping it's IP. I got the Ethernet plug in one of it's 7 ports when I plug it in the 1 port I could get get a ping from it.

    How can I set a IP and get it to save it?

    -Raymond Day

  • Checked all it's open ports I have the Ethernet plug in port 7. Only port 4444 if open.

    nmap -PI 192.168.86.5

    Starting Nmap 7.60 ( https://nmap.org ) at 2020-02-02 10:48 EST
    Nmap scan report for 192.168.86.5
    Host is up (0.00019s latency).
    Not shown: 999 filtered ports
    PORT STATE SERVICE
    4444/tcp open krb524
    MAC Address: 00:10:C6:1F:5A:B3 (Universal Global Scientific Industrial)

    Nmap done: 1 IP address (1 host up) scanned in 8.43 seconds

     

    I went to http://192.168.86.5:4444/ but it says this page isn't working

     

    How do I set this ASG up?

     

    -Raymond Day

  • I had to go to https://192.168.86.5:4444 and can set it up there doing that now.

    So just had to put in the https not just http.

    -Raymond Day

  • The ASG worked good and I DD back it up after I set it up some.

    But I still like to install a Ubuntu server on it.

    Got a VGA card on it with a cable so I can still have the top board plug in. There is one IDE plug in it and I plug a IDE cable in it and put the HDD and DVD ROM drove on the 2 ports of the cable.

    It works good. Installed Ubuntu server 32 bit on it. But it still don't boot. It's says no boot sector found or other installs said boot sector out of range.

    Guess tested about 10 installs now and after done just don't boot.

    Any one know how could get this to work. I guess have to make some small partition at the start of the HDD and put the boot on that partition and maybe it has to be a FAT32 partiton. Not sure if so how would I do that?

    To bad the ISO Ubuntu server is corrupt about 5 or more files when trying to put them together in a ISO.

    Did any one else make a ISO of this long ago when or if it ever worked?

    -Raymond Day

  • I got Ubuntu 18.04.4 LTS installed on my SG30!

    Started with I think Ubuntu 10 32-bit or i386 and the 1st version update. Had to run a fix system and picked to fix grub. From then on it booted and found out they have no i386 ISO so have to update it to 18.04.4 LTS. I guess next month can update it to 20.04.

    But I don't have the LCD working. I got the programs out of the Astaro Security Gateway V7 but it has RPM's in it and will not work on Ubuntu server. Installed that on a 32GB SD card and put that card in my other Ubuntu server and did 2 copy commands like this:

    rsync -avP /media/m/etc/init.d/boot.d/S00boot.sglcd root@sg30:/etc/init.d/

    rsync -avP /media/m/home/login root@sg30:/home/

    But like I said it has RPM's in it and so it will not work on Ubuntu server.

    In the Yahoo GS30 grape they had a LCD script for the SG30 but I never downloaded it. Any one have that. It my work for Ubuntu server.

    It just be nice to have the switch and LCD working on this. Don't really need it.

    To bad the Linux download link here are messed up. When unzipping them says error on like 5 or more of the files.

    -Raymond Day

     
  • On the Yahoo groups they let you download it. I have a zip file and in it had the files for the SG20 and in there a lcd-2.2.1.tar.gz

    The files from that look like this:

    root@sg30:~# cd /home/raymond/lcd-2.2/
    root@sg30:/home/raymond/lcd-2.2# ls
    firewall-off.sh ipaddr lcd-2.2 lcd.c lcd.init README
    firewall.sh lcd lcd-2.2.c lcd.c~ Makefile
    root@sg30:/home/raymond/lcd-2.2# ls -l
    total 136
    -rwxr-xr-x 1 raymond raymond 229 Jun 10 2007 firewall-off.sh
    -rwxr-xr-x 1 raymond raymond 2557 Jun 11 2007 firewall.sh
    -rwxr-xr-x 1 raymond raymond 255 Jun 11 2007 ipaddr
    -rwxr-xr-x 1 raymond raymond 19684 May 18 2009 lcd
    -rwxr-xr-x 1 raymond raymond 19678 May 16 2009 lcd-2.2
    -rwx------ 1 raymond raymond 21217 May 18 2009 lcd-2.2.c
    -rw-r--r-- 1 raymond raymond 21267 May 18 2009 lcd.c
    -rw------- 1 raymond raymond 21215 May 18 2009 lcd.c~
    -rwxr-xr-x 1 raymond raymond 466 Mar 9 2007 lcd.init
    -rw-r--r-- 1 raymond raymond 96 Mar 9 2007 Makefile
    -rw-r--r-- 1 raymond raymond 2530 Jun 11 2007 README
    root@sg30:/home/raymond/lcd-2.2#

    I did do a make install and it seems to run the "Makefile" but it needs to run a lot more.

    How do I install this. The README just shows what it can do not how to install it.

    It's got Ubuntu Linux 18.04.4 32-bit server on it. Be nice if could get the LCD not to just display the "BIOS POST".

    But all I have done it does say "Please Wait...e" on it now.

    Guess soon can update it to 20.04

    -Raymond Day

Reply
  • On the Yahoo groups they let you download it. I have a zip file and in it had the files for the SG20 and in there a lcd-2.2.1.tar.gz

    The files from that look like this:

    root@sg30:~# cd /home/raymond/lcd-2.2/
    root@sg30:/home/raymond/lcd-2.2# ls
    firewall-off.sh ipaddr lcd-2.2 lcd.c lcd.init README
    firewall.sh lcd lcd-2.2.c lcd.c~ Makefile
    root@sg30:/home/raymond/lcd-2.2# ls -l
    total 136
    -rwxr-xr-x 1 raymond raymond 229 Jun 10 2007 firewall-off.sh
    -rwxr-xr-x 1 raymond raymond 2557 Jun 11 2007 firewall.sh
    -rwxr-xr-x 1 raymond raymond 255 Jun 11 2007 ipaddr
    -rwxr-xr-x 1 raymond raymond 19684 May 18 2009 lcd
    -rwxr-xr-x 1 raymond raymond 19678 May 16 2009 lcd-2.2
    -rwx------ 1 raymond raymond 21217 May 18 2009 lcd-2.2.c
    -rw-r--r-- 1 raymond raymond 21267 May 18 2009 lcd.c
    -rw------- 1 raymond raymond 21215 May 18 2009 lcd.c~
    -rwxr-xr-x 1 raymond raymond 466 Mar 9 2007 lcd.init
    -rw-r--r-- 1 raymond raymond 96 Mar 9 2007 Makefile
    -rw-r--r-- 1 raymond raymond 2530 Jun 11 2007 README
    root@sg30:/home/raymond/lcd-2.2#

    I did do a make install and it seems to run the "Makefile" but it needs to run a lot more.

    How do I install this. The README just shows what it can do not how to install it.

    It's got Ubuntu Linux 18.04.4 32-bit server on it. Be nice if could get the LCD not to just display the "BIOS POST".

    But all I have done it does say "Please Wait...e" on it now.

    Guess soon can update it to 20.04

    -Raymond Day

Children
No Data