Hi guys, Im trying to deploy Sophos UTM in AWS. However there are some restrictions with my client, we need to set permission boundary. We cannot create VPC. We cannot create IAM user nor roles. There is no internet access. So no IGW. I tried the cloudformation template provided by sophos UTM PAYG in my aws dev to no problem. When i try to manually recreate using AMI using this guide https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTM_on_AWS_AutoScalingGuide_v1.pdf , there are some issues, notably; The outbound gateway option is missing from the UTM webgui. The cloudformation has some magic paradigm f*kery going on, and its busting my nuts. we tried manually creating the outbound gateway using https://community.sophos.com/kb/en-us/124431 it doesn't work well that i can't see it appearing in the UTM webgui. We tried using the cloudformation template and entering existing vpc, but the stack fails. I tried asking support but they just gave me a turnaround and asked me to call the support line. So posting it up here for assistance as i'd like to setup the UTM for its NGFW, Firewall, WAF, and IPS and use it as a DMZ. Is there any cloudformation or manual guide or steps for manually deploying the sophos UTM into an existing vpc? and making it work without internet access?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Manual way for creating UTM in aws

AppleJack over 2 years ago

Hi guys,

Im trying to deploy Sophos UTM in AWS.

However there are some restrictions with my client,

we need to set permission boundary.
We cannot create VPC.
We cannot create IAM user nor roles.
There is no internet access. So no IGW.

I tried the cloudformation template provided by sophos UTM PAYG in my aws dev to no problem.

When i try to manually recreate using AMI using this guide https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTM_on_AWS_AutoScalingGuide_v1.pdf, there are some issues, notably;

The outbound gateway option is missing from the UTM webgui. The cloudformation has some magic paradigm f*kery going on, and its busting my nuts.
we tried manually creating the outbound gateway using https://community.sophos.com/kb/en-us/124431 it doesn't work well that i can't see it appearing in the UTM webgui.
We tried using the cloudformation template and entering existing vpc, but the stack fails.

I tried asking support but they just gave me a turnaround and asked me to call the support line.

So posting it up here for assistance as i'd like to setup the UTM for its NGFW, Firewall, WAF, and IPS and use it as a DMZ.

Is there any cloudformation or manual guide or steps for manually deploying the sophos UTM into an existing vpc? and making it work without internet access?

This thread was automatically locked due to age.

Parents

0 BAlfson over 2 years ago

Moving this thread from General Discussion to the UTM on AWS forum.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 2 years ago

Moving this thread from General Discussion to the UTM on AWS forum.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data