It's been a while since this, but for people looking into having Sophos on a PCEngines APU board, I can tell you this really got MUCH easier with XG firewall.
I just received my APU2C4 board with 4Gb of RAM and I must say I'm quite impressed. I have a 300Mb down 30Mb up WAN and this little thing really manages it great. In fact, if I download at full speed the CPU is at about 30%. I havent enabled anything but firewall (obviously) and web proxy (with antivirus) for now but I don't feel any lag whatsoever. I still have to do more testing though.
To install XG in a new PCEngines APU2 board, just follow these steps:
- Install SSD of your choice and burn the XG ISO in a CD
- Connect the serial cable to your serial port
- Connect to the serial console using Putty and choose 38400 as speed
- Boot it up and run from the CD. Follow the instructions to install it, but basically this means you just have to press "y" once and it will install everything, really.
If you wanted to do a blind installation (without serial) you could just hook up the USB CD reader, connect the power, wait about 1-2 minutes to give it time to ask for confirmation and then press "y". Wait another 5-10 minutes to allow it time to install.
After the installation has finished you wont hear 5 beeps. Instead you will hear a music tune through the inbult speaker!! That's when you can remove the CD, disconnect the power from the APU and put it back on.
Lastly, just connect your computer to port 1 and you will get an IP automatically (otherwise just put yourself at 172.16.16.17) and you can access https://172.16.16.16:4444 and start configuring it!
Thanks Sophos for making XG a console-friendly install!!
OK, so I did much of what was mentioned here except did the silent install with a USB stick and no serial cable. One thing that was not said anywhere in these threads is how to get the iso file on to a flash drive.
I used Rufus image burning software (use the DD writing version) to write the image file to a flash drive. You only need a 1 gig or larger USB drive (512 mb might work).
So, I took the latest image, loaded it into Rufus, specified the DD writing version and waited for it to complete (1 minute). If you do not use the DD method (not the default) the stick will NOT work. The system will make a loud racket and you will have to burn the image again..
Then, stick the USB drive in the APU2c4 on one port and a keyboard on the other port. Give it some power.. Make sure you have at least a 128gb mSata drive in the computer or Sophos could complain. Give it a minute.. Press y.. Then enter key.. Wait a few minutes and when complete the unit will play a song!
You're golden then!! Pull the power cable, keyboard, USB stick.. Count to 10.. Power back on then connect a network cable to port 1 and use the address:
https://172.16.16.16:4444 and begin configuring! No need for a serial cable, external cd-rom drive or anything else!!
Good luck everyone. I'm kind of new to the forum but wanted to share my experiences.
Still a newbie with Sophos, trying to work through an XG home firewall..
Is there a more easy and working way to install a bricked (lost admin password with no access to telnet) APU device? I have a working NULL modem cable and tried every single solution without success. I want to install the latest version Sophos UTM and have below hardware config:
PC Engines APU BIOS build date: Jul 8 2014
Total memory 4096 MB
AMD G-T40E Processor
The last post is from 2017 so I hope there is an easy solution now in 2018 ;-)
Thanks for your help!
Oscar
Vitek,
Thank you for the respons! I do want Sophos UTM indeed, no XG.
As you said serial console is enabled by default now, then the problem is 90% the USB stick. I already doubted if that was prepared well. On my MacOS I tried:
# sudo dd bs=1m if=/Users/xxx/asg-9.509-3.1.iso of=/dev/disk4
Did not give any error, but stick is not booting. Already tried different stick (old and new ones). I will give it another try, but maybe you have some advice? ;-)
kind regards,
Oscar