Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 1327 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

activate an interface via command line (automatically)

Duff11

Hi,

In my use case I want to allow a specific server internet access. The other network will be shutdown of this server and the interface to allow internet access must be enabled/activated on the utm. This works fine if I use the webgui. But I would like to automate this and login to utm via ssh (pubkey authentication) from an other system on internal lan.

If I active the interface using ip command, the interface will come up but the firewall rules will not take affect. I am not allowed to receive dns queries for example. If I activate the interface via webgui, everything works as expected.

How could I bring up the configured interface (but deactivated) using the command line (ssh connection)?

Thanks in advance.

Best regards,

Duff



This thread was automatically locked due to age.
  • +1

    Hallo Duff,

    Not sure I understand what you're looking for, but...

    To get the REF for a specific interface named Private:

    secure:/home # cc get_object_by_name interface ethernet Private |grep \'ref
                              'ref' => 'REF_IntEthPrivate',

    To enable the Private interface:

    secure:/home # cc change_object 'REF_IntEthPrivate' status 1
    REF_IntEthPrivate

    To disable it, set status to 0.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you very much. That’s what I searched for.

    But two more questions:

    1.) how can I determine the logical interface names on command line without using the webgui (it is Not ethX)?

    2.) is it possible to execute the cc command as a non root user (create sudo rules or...)?

    Thanks and regards

    Duff

  • 0 in reply to Duff11

    1. cc get_objects interface ethernet |grep \'name

    2. No idea as I've never tried it.  I never login as loginuser. I use RSA keys with PuTTy to SSH into the UTM as root:  Sophos UTM: How to access the UTM shell via SSH using PuTTY.  Download PuTTY from this link

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML