How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

      Comments Off on How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

110118 0151 HowtobuildS1 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

Have you been followed my previously blog to build up Hyper-V nested virtual machine on Microsoft Azure? If you don’t, you better build it right now, because this is pre-requisites and you will get lots of benefit for your lab or even production environment, you can reference this link and build it. If you did, congratulation! You can create a nested gest virtual machine and install Firewall (e.g. Sophos XG, Fortinet…) for free, why we still need to build firewall at our Azure Hyper-V nested environment? Because it supports lots functions that we cannot get the functions for free from Azure, e.g. server load balance, firewall, SNAT, application filter, IPS…and so on, we also can use it for LAB or simulate issues or POC. I am going to show how to build Sophos XG here.

  1. At the first, you need to apply a Sophos XG Firewall Home Edition via follow link. You may wait for couple hours or days, and they will send the XG firewall serial number to you.

    https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx

    110118 0151 HowtobuildS2 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  2. Login to Azure and RDP to your virtual machine.

    110118 0151 HowtobuildS3 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  3. Open Hyper-V Manager tool, select New at Action pane and then click Virtual Machine.

    110118 0151 HowtobuildS4 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  4. On the Before You Begin page, click Next.

    110118 0151 HowtobuildS5 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  5. On the Specify Name and Location page, enter name for this virtual machine and then click Next.

    110118 0151 HowtobuildS6 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  6. On the Specify Generation page, select Generation 1 and then click Next.

    110118 0151 HowtobuildS7 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  7. On the Assign Memory page, enter 4096MB for startup memory and then click Next.

    110118 0151 HowtobuildS8 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  8. On the Configure Networking, select NAT Network Switch and then click Next.

    110118 0151 HowtobuildS9 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  9. On the Connect Virtual Hard Disk page, keep the default settings and then click Next.

    110118 0151 HowtobuildS10 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  10. On the Installation Options, select Install an operating system from a bootable CD/DVD-ROM.
  11. Select you Image file (.ISO) which you download from Sophos Web site, and then click Next.

    110118 0151 HowtobuildS11 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  12. On the Completing the New Virtual Machine Wizard page, review the settings and click Finish.

    110118 0151 HowtobuildS12 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  13. ON the Hyper-V Manager tool, right click virtual machine name and then select settings.

    110118 0151 HowtobuildS13 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  14. Select Processor and change Number of virtual processor to 4.
  15. Select Add Hardware, select Network Adapter and then click Add.

    110118 0151 HowtobuildS14 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  16. Change Virtual switch from Not connected to NAT Network Switch and then click Apply.

    110118 0151 HowtobuildS15 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  17. Repeat steps to add one more Network adapter and then click OK.

    110118 0151 HowtobuildS16 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  18. Start this virtual machine, type y and then click enter to continue install.

    110118 0151 HowtobuildS17 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  19. You need to remove install disk (.iso image file) from virtual machine settings after installation complete and press y to reboot virtual machine.

    110118 0151 HowtobuildS18 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

    110118 0151 HowtobuildS19 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  20. Enter the default password admin.

    110118 0151 HowtobuildS20 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  21. Select Accent for the End User License Agreement.

    110118 0151 HowtobuildS21 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  22. On the Main Menu, select 1 Network Configuration.

    110118 0151 HowtobuildS22 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  23. On the Network Configuration Menu, select 1 Interface Configuration.

    110118 0151 HowtobuildS23 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  24. On the Network settings page, you will see interface Port 1 (LAN) default IP address is 172.16.16.16/24, press Enter.

    110118 0151 HowtobuildS24 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  25. It may show Port 2 (WAN) IP address if you enable the DHCP at NAT settings on the Azure Virtual Machine, but we cannot use it to access firewall because we don’t enable the permissions yet, press enter.

    110118 0151 HowtobuildS25 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  26. It will ask you to configure IP address for the third network interface, press enter twice, we will configure it later via GUI.

    110118 0151 HowtobuildS26 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  27. On the Network Configuration Menu, select 0 exit.

    110118 0151 HowtobuildS27 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  28. I am going to add 172.16.16.1/24 to vEthernet (NAT Network Switch) temporary, so we can configure firewall from this Azure virtual machine (Host).

    110118 0151 HowtobuildS28 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  29. Open internet explorer and enter https://172.16.16.16:4444 and Select Continue to this website.

    110118 0151 HowtobuildS29 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  30. On the Sophos XG Firewall welcome page, click Click to begin.

    110118 0151 HowtobuildS30 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  31. On the Basic Configuration page, enter the new Admin Password, select I agree to the License Agreement and then click Continue.

    110118 0151 HowtobuildS31 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  32. Enter firewall Name and select time zone and then click Continue.

    110118 0151 HowtobuildS32 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  33. On the Register Your Firewall page, enter your serial number which you got it from Sophos and then click Continue.

    110118 0151 HowtobuildS33 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  34. One the Basic Setup is Complete page, click Continue.

    110118 0151 HowtobuildS34 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  35. On the Network Configuration (LAN) page, click Continue, we will modify them later.

    110118 0151 HowtobuildS35 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  36. On the Network Protection page, select all of them and then click Continue.

    110118 0151 HowtobuildS36 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  37. On the Notifications and Backups page, enter email address for Recipient and Sender and then click Continue.

    110118 0151 HowtobuildS37 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  38. On the Configuration Summary page, click Finish.

    110118 0151 HowtobuildS38 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  39. XG firewall will auto-reboot after apply configuration, and then you will see the login page, type username and password and then click Login.

    110118 0151 HowtobuildS39 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  40. Navigate to Administration and then select Device Access.

    110118 0151 HowtobuildS40 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  41. On the Local Service ACL, enable HTTPS and Ping/Ping6 at WAN Zone and then click Apply.

    110118 0151 HowtobuildS41 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  42. Click OK at update device access message pop up.

    110118 0151 HowtobuildS42 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  43. Navigate to Network, select Interfaces and then click Port2 (WAN).

    110118 0151 HowtobuildS43 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  44. Change IP Assignment from DHCP to Static, change IP address to 192.168.100.2/24, change Gateway Name to Port2_NAT Network Switch, change Gateway IP address to 192.168.100.1 and then click Save.

    110118 0151 HowtobuildS44 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  45. Click Update Interface on Update Interface warning.

    110118 0151 HowtobuildS45 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  46. Repeat steps to change Port3(LAN) IP address to 10.254.254.1/24.

    110118 0151 HowtobuildS46 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  47. Repeat steps to change Port3(LAN) IP address to 172.21.128.2/17.

    110118 0151 HowtobuildS47 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

  48. You may find that you lost the XG firewall configuration portal connection, that’s normal, you need to change url to https://192.168.100.2:4444 and you will reconnect it again.

    110118 0151 HowtobuildS48 - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

Congratulation! You installed XG firewall at Azure nested guest VM successful!!

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun

ca16fbd3199de5f66b829b87082fb970?s=80&d=retro&r=g - How to build Sophos XG firewall at Azure Hyper-V Nested VM for free

Author: Cary Sun

Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA
Blog:
http://www.carysun.com http://www.checkyourlogs.net
Twitter:@SifuSun

About Cary Sun

Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA Blog: http://www.carysun.com http://www.checkyourlogs.net Twitter:@SifuSun