Comments (8)
It seems like you did not configure an internal interface or the IP address of it properly. Please see the InstallationGuide.txt at the root of the iso file: "Make sure you configure two network interfaces. You will be asked to choose internal and external interfaces later on."
The error messages on your screenshots point to that issue, but I need to fix the final message which says the installation was completed successfully (it wasn't).
from utmfw.
It's got to be something else then not configuring interfaces.
If you look at the second screenshot you can see two interfaces configured:
em0 that is WAN interface, DHCP enabled, not connected
vio0 that is LAN interface which acquired IP via DHCP, connected
There was another issue, unrelated to the interfaces, where I could not login using console and I tried multiple installations. On one occasion I could ssh to it and login as root. When I tried to change password for user/utmfw/admin accounts that I used during setup - password was being rejected due to low complexity (something that install script did not do). However, even after changing the password for above mentioned accounts, when I tried to login via console (web was not available) I could login, got a welcome sentence in Turkish and then system logged me out. Following that, I tried to install with complex password but it did not get the system up and running and login through console still was not working. So it seems, I have multiple issues happening at the same time.
from utmfw.
The LAN interface should have a static IP address assigned to it during installation, DHCP will not work there. Set a static IP address to the internal interface. (Also I suggest that it should be UTMFW who assigns IP addresses over DHCP on the local network, but that's optional.)
Passwords of UTMFW users, admin, user, and utmfw are double encrypted. Please first do what I said above, then log in to the web UI, go to the System>WUI page, and see the help box next to the User-Password boxes. The root password is not double encrypted.
from utmfw.
General notes about users:
- root is the only system user as usual. admin and user users are UI users. utmfw is a network user.
- The only user you can log in to the system is root. The root password is a regular password, not double encrypted. But you are advised not to enable ssh login for the root user.
- The admin and user users cannot drop to a shell. Their login shell is an sh.php script. They don't even have a home folder. Their passwords are double encrypted.
- The network user utmfw is similar too, but its login shell is whois. Its password is double encrypted.
Most of these is for security purposes.
from utmfw.
Thanks for the info. I made it to work by assigning two static IP addresses to both interfaces (also used the latest ISO). I believe the issue was with IDS blocking my connections - maybe default should be to keep it offline.
BTW, when using proxmox console, to install the UTMFW, instructions to select/deselect packages is off the screen (and there's not scroll up) and I could not figure out how to choose packages (in case I wanted to deselect IDS).
from utmfw.
By default, SnortIPS blocks an IP address if the alert prio is 1 (the highest level) and the alert contains the word Portscan in the alert issued for that IP address. But if you still suspect that SnortIPS blocked you out, I suggest you look at the logs of SnortIPS, /var/log/snortips.log
, all such block actions should be listed there.
I don't recommend not installing Snort IDS, because all connections going through SSLproxy are also inspected by Snort inline for intrusions. Without Snort inline in between, all those connections would fail, i.e. no web, no pop3, no smtp, making UTMFW pretty useless.
See again the screenshots you have sent. They clearly hint that there was something wrong with the interface configuration, hence more than a few configuration failures for a couple of services (this is not about SnortIPS).
Btw, I think #6 doesn't seem related.
from utmfw.
I tried to install UTMFW multiple times trying different ways, only couple are documented in the screenshots above. Granted this is just speculation on my part about IDS being an issue as I do not have any hard evidence besides symptoms: I was able to ssh but not to access the web interface.
from utmfw.
If you were able to ssh, then it cannot be SnortIPS (it blocks all traffic coming in for that IP address). Anyway, I hope all is fine now.
from utmfw.
Related Issues (19)
- How to set IP and Port of SSLProxy and UTMFW? HOT 2
- Questions regarding proxy/logging HOT 1
- Does this support Wireguard and/or multi-WAN/policy-routing HOT 1
- Packet Filter changes do not work HOT 2
- OpenVPN no internet connection HOT 6
- SSLProxy changing default certs doesn't work: "error loading CA cert from '/etc/sslproxy/ca.crt': Invalid argument Error" HOT 1
- Configuration of Webfilter produces invalid config file HOT 7
- Client-Side BEV_EVENT_ERROR HOT 13
- SSH and web gui not accessible after installation HOT 2
- SSLProxy Throughput HOT 1
- Is there a manual with working examples of settings? HOT 1
- Snort UTMFW preprocessor on Linux HOT 5
- SSLProxy with Squid HOT 1
- BEV_EVENT_ERROR HOT 25
- This project is pretty good and interesting but I think it needs some serious help? HOT 3
- www not working. HOT 2
- Downloaded ISO no boot HOT 8
- Install on top of existing OpenBSD?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from utmfw.