Sophos on pcengines APU?

Question

Hi guys!

First of all - my big bow to all of you making it possible for home users to use sophos utm! There are many different things out there and among all of them - you remain streamlined, organized and offer a professional product at no cost for home users. KUDOS!

I have been using sophos for couple of years and i always had one tripping point: size of HW. I mean, there are mini itx solutions and thin itx standard, but it always turns out looking like a pc and not like a small nice firewall/router.

PcEngines has made a new board that is only 6" x 6", fits in their super small case, has 3 Giga lan ports and mini pci slots for wifi card. The box uses 6-12w under full load and is completely passive!

So - now the big question - will sophos run on this board?

Here is the board:

PC Engines apu1c product file

I hope this will/can work so that i can buid the fw that performs well and that my wife finds it acceptable to stay under the TV set [:)]

cheers

Tomba

This thread was automatically locked due to age.

guillerone · Answer

It's been a while since this, but for people looking into having Sophos on a PCEngines APU board, I can tell you this really got MUCH easier with XG firewall. 
 I just received my APU2C4 board with 4Gb of RAM and I must say I'm quite impressed. I have a 300Mb down 30Mb up WAN and this little thing really manages it great. In fact, if I download at full speed the CPU is at about 30%. I havent enabled anything but firewall (obviously) and web proxy (with antivirus) for now but I don't feel any lag whatsoever. I still have to do more testing though. 
 To install XG in a new PCEngines APU2 board, just follow these steps: 
 - Install SSD of your choice and burn the XG ISO in a CD 
 - Connect the serial cable to your serial port 
 - Connect to the serial console using Putty and choose 38400 as speed 
 - Boot it up and run from the CD. Follow the instructions to install it, but basically this means you just have to press "y" once and it will install everything, really. 
 If you wanted to do a blind installation (without serial) you could just hook up the USB CD reader, connect the power, wait about 1-2 minutes to give it time to ask for confirmation and then press "y". Wait another 5-10 minutes to allow it time to install. 
 After the installation has finished you wont hear 5 beeps. Instead you will hear a music tune through the inbult speaker!! That's when you can remove the CD, disconnect the power from the APU and put it back on. 
 Lastly, just connect your computer to port 1 and you will get an IP automatically (otherwise just put yourself at 172.16.16.17) and you can access https://172.16.16.16:4444 and start configuring it! 
 Thanks Sophos for making XG a console-friendly install!!

Alonzo Eubank · Answer

OK, so I did much of what was mentioned here except did the silent install with a USB stick and no serial cable. One thing that was not said anywhere in these threads is how to get the iso file on to a flash drive. 
 I used Rufus image burning software (use the DD writing version) to write the image file to a flash drive. You only need a 1 gig or larger USB drive (512 mb might work). 
 So, I took the latest image, loaded it into Rufus, specified the DD writing version and waited for it to complete (1 minute). If you do not use the DD method (not the default) the stick will NOT work. The system will make a loud racket and you will have to burn the image again.. 
 Then, stick the USB drive in the APU2c4 on one port and a keyboard on the other port. Give it some power.. Make sure you have at least a 128gb mSata drive in the computer or Sophos could complain. Give it a minute.. Press y.. Then enter key.. Wait a few minutes and when complete the unit will play a song! 
 
 You're golden then!! Pull the power cable, keyboard, USB stick.. Count to 10.. Power back on then connect a network cable to port 1 and use the address: 
 https://172.16.16.16:4444 and begin configuring! No need for a serial cable, external cd-rom drive or anything else!! 
 
 Good luck everyone. I'm kind of new to the forum but wanted to share my experiences.

Johan@NetStream · Answer

If anyone is interested? http://utmshop.nl/sophos-utm-hardware-appliances/nfa-home-9.html 
 Works like a charm!

Marcel D · Answer

Hi Tomba, 
 the Sophos UTM work fine on the APU2D4. 
 How you can install the system on the APU, I have described in a post. 
 https://secure-bits.org/sophos-utm-home-edition-9-4-auf-alix-board-apu2c4-installieren/ 
 
 Greetings Marcel

oweijer · Answer

The problem was indeed with the (not) bootable USB stick ... I followed procedure below and it worked. The isohybrid did the trick: 
 https://wiki.polaire.nl/doku.php?id=sophos_utm_pcengines_apu2

Thanks again!