This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Finding newer compatible NIC hardware that is supported by Sophos firewall home is becoming increasingly difficult

This is becoming an exercise in frustration trying to find a newer device on which to run the Sophos UTM or XG.

Years ago when fanless dual NIC PCs used the Intel i211 chipset, it was supported by Sophos, despite them being made for "consumer use".

Now recently there are a plethora of very fast, efficient fanless PCs that have the upgraded Intel i225 chipsets, yet they are not supported due to them being designed for consumers according to what is said on the forums here.

Most home internet connections are becoming fast enough that the much slower CPUs used in these devices with the supported older NICs cannot keep up with the demands of the IPS.

Sophos still will not release the version 3 of Snort which supports multithreading which can take advantage of multiple CPU cores, instead relying on their proprietary  "Xstream Flow" technology which utilizes a separate CPU for just the IPS/DPI in the XGS devices which are marketed towards business.

It would be great if Sophos could simply put out a list of supported NIC chipsets, but they won't, and the hardware compatibility database (I used comic sans on purpose) is more like personal anecdotes of hardware that should work, the "updated" hardware compatibility list (comic sans again) doesn't even exist. support.sophos.com/.../KB-000034600

I suppose the only way to tell is to find out what linux kernel the UTM 9.7 is using and then see what Intel drivers are included in that kernel.



This thread was automatically locked due to age.
Parents Reply Children
  • Is that a dual port card? I went from a dual port Pro/1000 PT (EXP 19402PT) to using two single port 82574L 

     network cards and it works OK. When I was using the Pro/100 card I was getting "Uplink is down" warnings all the time.

    So I purchased two of the Intel 82574L NICs and they have been working fine. I recommend these if you have the slots 

    https://www.amazon.com/10Gtek-Gigabit-Desktop-Network-EXPI9301CT/dp/B01M28WJ00

  • It's the onboard NIC for the SuperMicro 1U I have, and it works just fine - as long as UTM isn't using it.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Why is this post only showing like the first 10 or so posts?  We have so much more below this, and I can't get further down the page to see it.  It conveniently stops after a Sophos employee post.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I was having issues with getting the Sophos Central webpage to load with Chrome. It turned out to be an adblock extension. Try disabling any adblockers, or use a different browser and see if that is causing the issue.

  • Neither option works unfortunately.  It stops after your post below:

    That might be something I consider. I have all but abandoned the idea of a fanless PC due to slow IPS performance, but will look at some refurbished Dell and Lenovo desktops that have the quad core i5 CPUs.

     I'm already considering KVM or VMWare on it along side Pihole. So, I think this might be the way to go.

    And, I know we've had more conversation than that with Patrick. A lot more.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • That's strange because that's where it stops for me too. Maybe you're thinking of a different post that was discussing hardware?

    Maybe it was this one https://community.sophos.com/utm-firewall/f/hardware-installation-up2date-licensing/137167/reliable-poweredge-sc-440-comes-to-an-end

  • Initially, yes that was the one I was thinking of, but was quite sure we had more going on here than what I can read.  Of course, I could just be carb loaded into hazy, old age, holiday loaded, egg nogged out of my mind.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I don't know what's different, but I installed 9.714-4 on a Dell 7050 SFF, i7-6700. It has a built-in I219-LM (eth0) and it came with a I210 pci-express card (eth1). No issues with either. I checked the kernel log multiple times over the course of several hours. I don't see any e1000e hangs or resets.

    --------------------------------------------------------------------
    Sophos UTM 9.719-3 - Home User
    Virtual machine on Dell Optiplex 3070
    i3-9100 @ 3.60 GHz, 16 GB RAM
    --------------------------------------------------------------------

  • The i219 may work just fine with UTM, the i217 with UTM is worthless.  i210 should work just fine.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I see in your system you have an i225 nic. Are you using a VM? I'm considering that path since there's really nice fanless appliances out there using the i225 and the newer i226 NIC chips. I have seen some videos online about Proxmox with that one german guy on youtube who is a Sophos engineer who gets really excited explaining how to install Sophos XG on proxmox. 

    I tried out Proxmox and it detected all my hardware, unlike Vmware ESXi, which did not support my dual NIC card.