Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Micro PC with no Legacy BIOS support

Hi, I'm not sure if I have just locked myself out of using XG home firewaill because of an unexpected BIOS compatibility issue.

My ancient PC (Pentium III) mobo died.  It was running XG 19.x.

Researching for microPC's  (ServeTheHome, Tom's Hardware, etc.) and found a Hunsn RJ03 on NewEgg.  Comes pre-installed with pFsense Plus, so should be compatible with just about any F/W, just d/l the replacement ISO and the hardware specs appeared perfect to run XG Home..

Specs:

  • Intel N5105
  • AES-NI
  • 4 x Intel 2.5GbE
  • I226-V LAN
  • Type-C, TF
  • M.2 WiFi 6 Slot
  • 8G RAM
  • 64G SSD

BUT!  Never noticed this in the product description, or at least, thought it was relevant at the time:

"Compatibility, firewalls tested with pfsense plus, opnsense and other popular open-source software solutions, supports UEFI only."

Sophos doesn't seem concerned, from the community discussions, with providing any UEFI support for this software.  So, have I locked myself out of XG home firewall permanently?

Thx.

DK



This thread was automatically locked due to age.
Parents
  • If you still have time to return the mini Pc you purchased, here are some alternative hardware you can buy that should work:

    Used Sophos SG/XG appliances from eBay.

    Qotom fanless PC from Amazon, eBay and AliExpress that use the Intel i210/i211 NICs.

    Older gen PCs that support legacy BIOS along with the Intel Pro/1000 NICs you can buy for a around $40

    You won't have 2.5G Ethernet, but at least it will work and you won't have to virtualize the firewall.

  • Hi Alan,

    Thanks for the suggestion, but I wanted my firewall platform to be a mini PC (for power savings, horsepower, size, etc.) .  Agree that one of the older Intel minis could have worked too, but I decided I didn't want the hassle of trying to ship this unit back to China.  I basically wiped it of the preinstalled PFSense and reimaged with OpnSense.  My home network environment doesn't demand a lot of complexity, so it's relatively easy to rebuild the rules I had in Sophos.  I will, however greatly miss the the XG interfaces and some of the other features.  If Sophos does eventually decide to support UEFI, I'll definitely consider returning to XG.

  • I purchased a used mini-ITX motherboard/CPU combo off eBay and successfully install Sophos Firewall on it. I'm sorry that you could not find a mini PC to support Sophos.

    The one that I purchased was the ASRock Industrial IMB-194-L Mini ITX Motherboard. This board is fairly old, but the Intel i5 7500T CPU on it is also very power efficient. 

    You are looking for low power CPU, the T series are 35 watts. But If you are happy with your current setup and don't wish to deal with older hardware, then the mini PCs with the Intel n100 CPUs are very power efficient for psSense and you get the 2.5G NIC support which is lacking in Sophos.

  • Hi,

    please review this site's device, it might meet your requirements.

    https://protectli.com/product/vp2420/

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • At this point the Celeron J series is really outdated. There is no reason to get anything with that CPU when a PC that has the Intel n100 or n200 will nearly double the performance for 6 watts such as the Amazon one: these two brands..

    HUNSN or

    MOGINSOK 

    Micro Firewall Appliance with Intel Alder Lake-N 12th Gen N100

  • All very true Alan, but they only come with UEFI bios.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Explain why a UEFI or legacy BIOS would even matter if the firewall was going to be virtualized?

  • He does not want to virtualise.

    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data