I'm finally ready to start migration from the UTM to SFOS in my home lab. I currently have the UTM installed on a physical PC. I have a lot of settings to migrate such as Web, VLANs, WAF, VPN, Firewall, SMTP, DKIM... I want to add the SFOS box rather than swap it for the UTM so that I can migrate little by little. Once I'm sure everything is working, I will then remove the UTM.
I have a small block of static public IPs so I can assign a couple of them to the SFOS box. I do have some web apps running behind the UTM. Some are available via the Internet. I also currently have a Windows Domain Controller which acts as my DHCP and split-DNS server. Each Sophos box has four Ethernet ports. From the ISP, I have an ONT with a single Ethernet port.
- For starters, what's the best approach to start the migration? Option 1 or Option 2 as depicted in the image above?
- Since there will be two routers in the network, how do I allow access from certain PCs across the routers?
- Is it easier or necessary to create a second Domain/DC for each router?
Edited TAGs
[edited by: Erick Jan at 1:14 AM (GMT -8) on 26 Feb 2025]