Installing Untangle NGFW on Microsoft Hyper V


Howzit! Paul Ogier here from OSH.co.za. Today we are going to be installing Untangle on Microsoft’s
Hyper-V. First a little background, we have deployed many many firewalls
and UTM solutions at clients over the years such as
pfsense, IPCop, Fortigate and the original granddaddy of them all ISA
server which you might know is Microsoft forefront threat management gateway, but
we’ve now settled on using Untangle for all of our clients because of the
simplicity, the cost, the resource usage effectiveness and flexibility of the
Untangle next-generation firewall. For the home lab it only cost $50 a year and
for larger companies and corporates it works on a sliding scale that
allows you to pay for what you want to be protected, you can also choose what
modules you want to have included like the SSL inspector, a directory connector
for active directory, a WAN balancer and WAN failover. However if you want
the full functionality of the software you can buy a complete version. Also if
you are a nonprofit company, a private or government school there are also special
prices and deals for you in terms of flexibility, you can deploy Untangle and
a number of different environments and ways, from 32-bit and 64-bit as a virtual
appliance in Hyper-V using an ISO and VMware using OVA, you can deploy it on
AWS, Amazon and Azure, Microsoft or even you can do it on a bare metal
server. So why would you want to install Untangle on Hyper-V? Well instead of
paying for VMware licenses most windows servers can actually handle Hyper-V
without a problem, I’ve set up Untangle on everything from Windows 10 for very
small client, Windows Server 2008 2012 2016 and obviously the latest version of
Server 2019. If at some later stage you would like to move this
server on to other hardware having a virtual server makes a great deal of
sense. The setup is quite simple but there a couple of configuration issues
that you need to be aware of and when you setup Untangle
using virtual switches for the WAN and if you follow this tutorial it
should make the process quite simple, so now we are set up Untangle. On the
Hyper-V let’s with the virtual switches so let’s open
up Hyper-V first let’s try and spell correctly Hyper-V. Untangle needs two
network cards, so on the on the Hyper-V we’re going to set up those two network
cards, so I’m going to go into the virtual switch manager and you see it
comes currently with a new virtual default switch
we’re gonna get a new virtual switch, and I’m gonna say create virtual switch, we’re
going to call the two virtual switches one which is going to be Untangle LAN
and one’s gonna be Untangle WAN, this way you can set up exactly the same way
as me and you can see what’s happening so the first one I’m going to do is I’ve
got this USB network controller here so I’m gonna say this is going to be
Untangle WAN. So that’s going to be connected straight into my router. I’m
then going to take away that tick so we’re not going to allow the the base
operating system to interact with this network card.
I’m then going to say new network virtual network switch again, create, and
this one is going to be called Untangle LAN, this one is going to be a different
network card and there’s my other network card. So I’m now gonna push ok
and those are going to be there. Let’s just wait for it to apply. Ok. So under
the virtual switch manager the LAN is the one that’s going to connect
to the rest of your network and the WAN is going to have a cable straight from
this server through to your router, we’re now going to create say new and virtual
machine. Push next past this and we’re going to call this virtual machine Untangle So you can either change where you want
the virtual machine to be stored or you can serve like you can leave in the
default place. So let’s push next we’re going to use generation 1 because that
works better for Linux servers we’re going to say this is going to be 2048
so there’s 2 gigs of RAM

0:04:43.940,0:04:47.930
you can use dynamic memory for this, I’m
gonna switch that off otherwise it’s gonna slow down my machine, let’s push
next. Here it’s gonna say what network do you want to connect it to I’m going to
just choose Untangle WAN here and I’m going to push next creates a virtual
hard drive that’s where it’s gonna save it it’s gonna be a hundred and twenty
seven gigs, if you’re if you are going to have more than 50 devices, say 500
devices that virtual size needs to be at least 500 or 600 gigs, how many logs you
are going to be storing, if you’re gonna be storing for six months, for a year
then it depends on you need to give yourself extra space
to store those logs okay so let’s push next, we’re going to
install an operating system from a bootable here and let’s go here okay if you go to Untangle dot-com so we Untangle dot-com, move your
mouse over get Untangle and free download okay so now if we run the untangle
website it does say that you should prob’ly sign in with them if you have an
account or you creates an account yeah if you want to do that now that’s
perfect right now we’re just gonna say skip to downloads. At the time we’re
recording we’re on fourteen point two point zero and here is the ISO which I’m
going to click on and save it here and the downloads and let’s go to Untangle
and let’s push next and finish, okay so now it’s gonna create the virtual
machine. So now that we’re on these settings let’s go in here and go into
settings, if you’ve looked at the specs of your machine and how many users
you’re going to be protecting you would obviously play with the RAM allocation
here you might even enable the dynamic memory
and say well I want to go all the way up to 16 gigs or 32 gigs or whatever you
want to do, right now I’m going to keep it on two gigs for this and the
processes on the table below and you will see that the amount of processes
that you require are dependent on how many users you are using we’re going to
set up as as using two processors here the next thing you’ll see over here is
we only have one network adapter which is the one that we chose to in the setup
so we need a second one so add Hardware add network adapter add and we’re going
to choose the other one so right now we’ve got Untangle WAN we’re going to
choose Untangle LAN and we’re gonna say ok so let’s double click into this and
push start great, so choices are graphical install
install, graphical install is just really prettier it doesn’t really do anything
different so I’m gonna push enter on graphical install and wait for it to
start up, pick your language and do English, your location I’m in South
Africa, so I’m gonna choose South Africa and the keyboard this isn’t what type of
language you’re doing so if you do British English actually do the British
layout for your keyboard, most people have the American English keyboard with
the @ sign above the number 2 so we’ll choose the American English we should
continue okay so let’s wait until this comes up the next step is going to be asking us
what we want to do with our hard drive starting up the partitioner and here it’s
saying if you continue these changes will be listed will be written to the
disks, so we’re going to say yes we want that to happen and we are going to say continue and now we’re going to wait depending on
how fast your hardware’s between five and 20 minutes so if you’ve got to this
point in use it says your installation is complete that means it’s all
installed so let’s push continue and restart sometimes it does hang at this
point don’t worry about it is doing stuff in the background
don’t push buttons don’t get excited just wait okay so every rebooted we’ve now come
into the wizard let’s push continue obviously if you have a different
language please choose your different language okay type in an admin account password
here anything you want just make it quite difficult. Under install type choose
the type of install you would like to use if you are one of these particular
companies or higher education or federal governments it’ll install certain apps
for you and do certain settings for you I’d like to do it all from scratch so
I’m going to click on other and then finally click your time zone
network cards it’s going to ask you if you want to serve your password here I’m
not going to save my password right now what I would suggest you do here is
actually test if you’re correct network cards are labeled as the correct things
so the ones that we originally set up in Hyper-V I’m gonna unplug my
external network card and let’s see there we go disconnected and then I’m
uplug my internal network card fantastic ok I plug them back in it
takes sometimes between 30 seconds and 60 seconds to actually come up and so if
I say that it’s still connected so give it a bit of time great so now about say
they’re connected let’s say internet connection next if all is running well
you will see that your Untangle has found an IP address via DHCP and if you
test if you click test connectivity it should say success so let’s see. I
suggest to do this first before playing with any static and manual settings so
that you know that you actually good so I’m going to choose static here and we
are going to set an IP address for the external part of the of Untangle so it’s
going to 192.168.0. the router is 0.1 so let’s make this 0.2 okay it’s got a netmask of
24 so there we go and the default gateway
of 0.1. DNS you can either use your internal DNS server or I’m just going to
use my router here again and I push test connectivity again theoretically
should say successful fantastic so push ok and let’s push internal network that’s
gonna want to save that again stop it, okay we are going to set this up
as a router so what does it the Internet traffic is going to come from your
internal network is then going to hit the internal or the LAN network card of
Untangle get processed by Untangle and then go out the external WAN part of
Untangle so on the router we need to sort of have a different IP address so
we’re gonna say a 2.1 here that’s fine if you’ve got a set up in your network
already and you’ve got 500 computers or whatever you’ve got sometimes it’s
easier to set your external router and your external card to be another IP
range and your internal to be your current IP range but whatever you need
to do let’s do it like this I’m gonna give you more information now so let’s
go to router and we’re going to take away DHCP because my router already does DHCP
and in your network it might actually be done by your Active Directory server or
by your router we’re going to do automatically install upgrades because
we want to sort of like to set it and forget it
and the second thing is to connect to the command center because later once we
finished the whole setup the connection will allow you or your IT provider to
manage your firewall from outside the network from off-site I’m gonna push
finish and I’m gonna push go to dashboard okay
so now that we’ve logged in what you’ll see is your dashboard currently says no
one is active so what we going to need to do is go through your network here
through the Untangle LAN and go into properties tcp/ip 4 and we’re going to
set our internal network 192.168.2 let’s say this computer is going to be 2.100 192.168.2.1 ok so we’re saying go out
through Untangle so all of your computers on this network that are going
through Untangle will be on the 2 range or whatever separate range you’re going
to be using for your internal network so push ok push ok let’s open up Firefox Do a search, okay so we’re on the
internet so if we go and look here let’s just refresh this there we go
currently says one active person which is me no excitement there so we now need
to sort of do something and make sure it blocks porn for instance so I’m
going to go into apps here and I say install apps I’m going to go to web filter
click on it and then it’s going to start installing fantastic its installed
let’s go back to the apps there and let’s go into Web Filter let’s make sure
that porn is actually blocked so let’s go to categories and
let’s tap in porn and what you’ll notice is that it send a sensitive group and
adult and pornography blocked and flagged so theoretically if I now type
and porn.com and push enter it will not go through fantastic
so now basically it says that it did not connect because a security issue and
there’s SSL inspectors that needs to be done but right now it says that we
cannot get through to porn but we can get through to everything else because
porn is actually blocked I hope that helps we’re gonna carry on with a couple
other videos about this but there is step one of many many steps OSH.co.za
is a gold Untangle partner get in contact with us for your 5
percent discount on all Untangle software please also subscribe for
future amazing videos

, , , , , ,

Post navigation

Leave a Reply

Your email address will not be published. Required fields are marked *