
A basic simple working configuration to start from

From a clean install of UTM 9.5x...  It will run through the wizard but it never configures anything for me. So when you do log in to UTM, all you have is the local / LAN interface established so you can log in and configure it.

 

Below is my most simple minimal configuration to get up and working on the Internet (Web, send/receive e-mail, Skype, DNS, DHCP, streaming services, etc.). From here you can then lock down and begin to customize it.

So after the initial install of UTM, log in. Next you need to configure your WAN port. (Typically I use ETH1 as LAN or internal and ETH0 as WAN or Internet.)

1. Configure WAN interface

2. Go to Network Protection -> NAT -> Masquerading and create the rule.

Interface -> internal (whatever you are using for the LAN interface) -> ETH0 (whatever you are using for the WAN Internet connection)

3. Network Services -> DHCP -> interface internal -> set range, start, end; next add DNS and gateway (basically fill in the required information).

 

4. Basic Firewall rules. These used to be automatically set up by the wizard back in the 7.3 / 8.x days. Create these Firewall rules:

Internal Network  (IN) -> DNS -> Any

IN -> Websurfing -> any

IN -> email messaging -> any

IN -> Instant Messaging -> any

IN -> Terminal Applications -> any

When you look at the Current System Configuration on the dashboard, you will only have the firewall green and all other listings will be red or not configured.

With the above set, you should be able to go and use the Internet. Again, this is the most basic setup to get up and going, and then from here you can start to lock down the system and add functions and services.

 

Hope this helps others. Several people gave me tips on this basic config, and I thank everyone who assisted me.

Thank you,

Chad Pauli



  • The above information should get anyone up and going after a clean fresh install. When you get your system set as desired, make sure you have good backups, because the backups make life very sweet and simple if you lose your hardware and have to reload clean from scratch. Download a copy and, better yet, have it e-mail you a backup every time it backs up the config file.

  • You point out a good starting point for the average home user, but with the home license you are allowed to use web filtering. If you do enable web filtering then you don't need the firewall rule to allow web browsing, since the web filtering will handle that for you. For the average home installation a transparent setup is the easiest one.

    Also be aware that when setting this up, you are really increasing security in comparison to a normal everyday router. In this example you have specifically allowed some types of traffic to the internet, whereas most home routers have a rule to allow all traffic from internal to the internet. Exactly this may be the reason why different protocols and/or applications may not work: because of the simple fact that its service port is not allowed to go out to the internet by the firewall.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Yes, I agree. I am an advanced I.T. / Network Admin. Been using UTM since like 7.3 when it was still Astaro. I got away from it for about a year and am now trying to get used to it again. Tried to go to XG, and it was too much of a learning curve and was missing some features of UTM. So now I am starting all over with UTM for a clean config. I was used to the wizard setting up a most basic config to get things going and working, then from there begin to lock it down. I will in time be using mail and web protection, user portal, their wireless access point, and HTML 5 VPN. I assume there are others loading fresh or for the first time who do not have a backup config to load in, and if the wizard does not set things up for them, I would provide something that would get them initially up and going. Then customize and lock down from there. I had assistance from several forum users and appreciate their assistance. Next I need to figure out why my definitions are not updating. Set to manual update, or auto, my definitions are still at 0. That is another day and another post. Thank you for adding additional information to my basic config posting.

     

    Chad
