Sg210 Sophos



Sophos allows remote shell access via SSH. PuTTY is a Windows SSH client, that may be used to sign in to the shell and access the Sophos command line environment remotely. Putty has many options and supports protocols other than SSH, but this article only shows the features necessary to connect to Sophos. Migration guide: Sophos Migration Assistant 5 Appendix A: Conversions and limitations The following conversions will take place for the entities during migration from Sophos SG/UTM to.

I had a Sophos SG 210 lying around which I wanted to test out for my home lab.

Sophos offer free keys for home/lab usage (https://myutm.sophos.com), so I signed up and downloaded my license but when I tried to apply it, I got the following message:

Iced earth horror show download blogspot. “Cannot use ASG software license on SG210 device” World war onemr volkmars course pages.

To fix, I had to delete the asg file in /etc/ however I had to factory reset the unit again and set a password at the console before running any setup in the web GUI.

Once you’re logged into the console (you can use PuTTY or just plug in a screen and keyboard) run the following commands:

Once the unit has rebooted, you can login through the web GUI again and run through the setup and it will accept the license.

Its worth mentioning by removing the asg file, it stops the buttons for the LCD screen working. To fix, you can recreate the asg file and add a few lines of config (this doesn’t stop the license from working)

Create the file with VI:

Add the config:

Save the file and reboot. Once its rebooted, the buttons should work again.

This is not a supported configuration by Sophos 😉

Normally when you get an old hardware Appliance, ex. UTM 220, 320 etc, you cannot use this in your home environment (With your free home license), without paying for a hardware license.

This can be “solved”, by making the hardware installation think, it’s going software 🙂

The steps are listed here:

Sg210
  1. Take a backup of your running UTM configuration in WebAdmin, if you have such running at the moment.
  2. Download the hardware image for appliances, theese starts with “SSI” in the file name. (Google “Download Sophos UTM”)
  3. Burn this to a CD-rom or to USB following this link. (This will format the harddrive of the appliance, so logs and stats are lost!)
  4. Install the hardware appliance as you would do normally.
  5. After installation, you now have a complete clean Sophos UTM 9 installation.
  6. Connect a VGA screen and a USB keyboard to the appliance.
  7. At the login prompt: login as root – it will tell you to change password, just do that (Old password is <blank>).
  8. When you’re logged in, do this:
    “vi /etc/asg”
    delete the “ASG_ID….”-entry in the file and save and close
  9. Reboot

Now the UTM will boot running software license, and you can use your home license with it 🙂

This workaround will not swap interface names, and if you have one of the bigger models, 220 and beyond, with LCD, then will this just work as it did with hardware config – software installations do not have support for the LCD driver – but this way it works.

Happy UTM’ing 😉

Update: 15/11-2016

When replacing a harddrive with ex. a SSD or other drive, the hardware installer will not install, due to hardware replacement (It looks for specific harddrives with special firmware!), then you cannot use the installer above, you will then have to go with the SOFTWARE ISO instead of the HARDWARE ISO. Install will proceed as normal, but after install, the LCD display will no longer work, cause it’s now a “software” install and not hardware appliance install.

There have been written a lot here about a fix:

But the link above does only make the display work with one view “Sophos UTM %version% and uptime”, this is due to the missing /etc/lcd.data file, because this file is only generated on appliances (hardware install).

The main reason it does not work, is that the /etc/asg file is now missing, because this file tells the installer that it is running on an appliance, you cannot copy this from another appliance solely, because you need to modify it (Ex. remove ASG_id and ASG_Serial lines):

Do a “vi /etc/asg”

It creates a new file and then insert:

Ex. for SG 210

ASG_VERSION=”210″
LCD4LINUX_HW=”LCD-SERIAL300″
ASG_SUBTYPE=”r1″

Ex. for UTM 220

ASG_VERSION=”220″
LCD4LINUX_HW=”LCM-162″
ASG_SUBTYPE=”r5″

As you see UTM and SG’s have different LCD controller.

Now reboot and watch the display cycle through the widgets, you can also see if /etc/lcd.data is being populated 🙂

Sophos Sg 210 Price

Related Posts