This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Rebuild UTM - confirm steps

Am newbie with Sophos UTM Home Edition (9.7) that spent 2-3 weeks fighting through intermittent problems setting up the unit because, it turns out, I have bad RAM. Have fixed that and things have stabilized in general. I'm still having a few problems that may well be rookie issues but I also wonder if there might have been permanent corruption so am thinking of taking a backup, reinstalling the restoring the backup.

A couple of questions:

1. Is it fair/accurate to think there's been some hidden corruption from past bad RAM? 

2. Will the following process work for this:

i) use webadmin to do factory reset

ii). take a USB drive and "write the backup file to the root of a USB stick and rename it to 'restore.abf'. Plug the USB pen drive into the UTM and reboot it to automatically restore the config to the UTM." taken from this support page

Or am I better for step i) to do a reinstall from original boot CD I created instead? (will the unit boot from CD first automatically?)

3. Anything missing?

4. Will this remove any corruption?

Anh info would be appreciated



This thread was automatically locked due to age.
Parents
  • It has been my experience from more than one occasion to just start from scratch if you have something catastrophic enough to warrant a wipe of a UTM.  In your case however, you just had bad hardware.  Linux/Unix flavors tend to manage memory a lot better than any Microsoft product, so I think that your restore from a backup wouldn't be hindering at all.

    I would really go with the simple steps first and going through a factory reset and restoring from a backup that you know to be good.  Make sure that your versioning is the same.  Path of least resistance.  ;)

    You can restore from backup at your desk.  Once you upload and apply the restore, it will most likely boot you out of your browser session and have you log back into the UTM with those credentials that were good at the time the backup was taken (from your restore).  This process is literally a small amount of time to perform, and negligible really in time tracking.   

    It really is one of the more painless processes to go through with Sophos.  it will take you about an hour to reload a UTM from scratch, whereas factory reset is literally just a few minutes.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • thanks. so if bad RAM is not considered catastrophic, what is? how likely is this to help or do anything for me, besides clean up dumps and remnants of past problems? The data disk had filled up to 40% of about 40GB. 

    Currently I have the first three ports (eth0,1,2) bridged for LAN and eth3 is WAN port. Does factory reset mean only eth0 will be available after the restart from which to login to do the restore? 

    Thanks again

Reply
  • thanks. so if bad RAM is not considered catastrophic, what is? how likely is this to help or do anything for me, besides clean up dumps and remnants of past problems? The data disk had filled up to 40% of about 40GB. 

    Currently I have the first three ports (eth0,1,2) bridged for LAN and eth3 is WAN port. Does factory reset mean only eth0 will be available after the restart from which to login to do the restore? 

    Thanks again

Children
  • For me, a catastrophe was when even after fixing the issue the UTM, would not boot up, wipe it, it returned with a reboot of the UTM, like in 9.6, and again for me in 9.7 (which was a NIC driver incompatibility with UTM that's been a problem for years).  It would be to the point where functionality of the device is severely hindered or just not working correctly/at all.

    If you feel you need to clean up, the factory reset is the way to go.  It will clear out:

    • System configuration
    • Web Filter cache
    • Logs and reporting data
    • Databases
    • Update packages
    • Licenses
    • Passwords
    • High availability status

    Factory reset will be just like when you got the system loaded and were in the UTM for the first time, and it will shut down.  It should be the original configuration as you set it up when you filled in the information when loading from CD/USB the first time, so your ports would be back to that original config.  Once you do restore from your backup.abf file, your configuration will reload the UTM with your set up information and how you had your setup, but things that you edit with SSH may not be part of that backup, like any special SSH commands you ran to modify the UTM (if it even applies, most likely not).

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I like Amodin's suggestions, Jean.  Please let us know what you had to do to get it working again.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • did the factory reset and restore, and looks as I had it before (minus an history, of course) but I can't log in using webadmin through IPSec VPN, which I need before I can put the thing back in prod. Would a factory reset cause that? The VPN is up, although I did have to fiddle with it initially, basically turn VPN off/on, reboot, but didn't make any config changes so it's a bit strange because it was working fine before reset...

  • Yes, when you do a factory reset and boot up the device, it's going to be like you've never done anything with it before except load it.  So, it's back to square one until you restore the backup.  You might have to check the monitor screen on the device to see the IP address assigned to it.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)