OPNsense Forum

English Forums => Hardware and Performance => Topic started by: Crackgen on October 01, 2018, 09:05:01 pm

Title: Netasq U70s with OPNsense
Post by: Crackgen on October 01, 2018, 09:05:01 pm

Hi,

It Security is the first of my hobbies, and I want to recycle a Netasq U70s UTM without license.

Can you say me if it's possible to use this UTM hardware to install OPNSense?

You can find a link with the specs of hardware :

https://www.pc21.fr/fiche/na-u70s-netasq-u-series-u70s-dispositif-de-securite-8-ports-gige-1u-i2138320.html

Thanks for your advice!

OPNsense : My next Open Source Firewall !

Title: Re: Netasq U70s with OPNsense
Post by: monstermania on October 02, 2018, 10:36:12 am

I don't know Netsaq hw.
But if the UTM use an x86/x64 cpu and the nic interfaces are supported under FreeBSD the installation of OPNsense should work.

best regards
Dirk

Title: Re: Netasq U70s with OPNsense
Post by: Crackgen on October 02, 2018, 12:17:41 pm

Hi Monstermania,

Thanks for your reply !

Netasq U70S use FreeBSD OS.

With uname -an command, the result is :

NS-BSD  2.10.0- NS-BSD 2.10.0- #0: Mon Jan  8 12:16:59 CET 2018     build@buildmajsicilia32.labo.int:/usr/home/build/fw-PRETAG_2.10.0/firmware/sys-9.3/work/sys/i386/compile/NETASQ.S.NOSMP.HW.RELEASE  i386

I think it's possible ...

Title: Re: Netasq U70s with OPNsense
Post by: monstermania on October 02, 2018, 03:54:46 pm

@Crackgen
Hmm,
do you know this thread into pfsense-forum?
https://forum.netgate.com/topic/105839/netasq-u70-pfsense-2-3-2-install-network-interface-problem
or here into freebsd forum:
https://forums.freebsd.org/threads/nic-em-problem-on-freebsd-10.49677/
Don't know if netasq u70 and u70s is quite the same but this sounds not good for me.  :(
The cpu seems to be 32Bit. IMHO it is no good idea to start with 32Bit in 2018!

I'm running OPNsense on an older Ucopia device (Lexcom 3I525 barebone).
Some of them sold during past weeks on ebay for around 30€ (w/o RAM or HDD).
Quite a good entry for OPNsense.  ;)

best regards
Dirk

Title: Re: Netasq U70s with OPNsense
Post by: nsouch on May 01, 2019, 03:53:10 pm

Thanks to the precious help of the zrouter.org team

I succeeded in installing OPNSense on NetASQ U70. The internal switch is connected to the secondary RS232 port of the board.
So, consider the following procedure :

Define 2 VLAN at startup : VLAN 1 et VLAN 2 both on em0 interface then,
Assign em0_vlan1 to WAN
Assign em0_vlan2 to LAN
The switch configuration hereafter has to be respected to obtain :
port 1 = WAN
port 2 to 6 = LAN

Configuration of switch NetASQ_U70 :
cu -s 9600 -l /dev/ttyu1
> vlan
VLAN> aware 1 enable
VLAN> pvid 1 none
VLAN> frame type 1 Tagged
VLAN> aware 2-8 disable
VLAN> pvid 2 1
VLAN> pvid 3-8 2
VLAN> del 1-4094
VLAN> add 1 1-2
VLAN> add 2 1,3-8
VLAN> config
VLAN Configuration:
    Port  Aware    PVID  Ingress Filtering  Frame Type
     1:   enabled none       disabled          Tagged
     2:  disabled    1       disabled          All
     3:  disabled    2       disabled          All
     4:  disabled    2       disabled          All
     5:  disabled    2       disabled          All
     6:  disabled    2       disabled          All
     7:  disabled    2       disabled          All
     8:  disabled    2       disabled          All

    Entries in permanent table:
       1:  1,2
       2:  1,3,4,5,6,7,8
VLAN>
Use the cu(1) escape sequence <Enter> then ~ (tilde) followed by . (dot)

For further reading on the switch CLI : https://www.szafa-rackowa.pl/zalacznik/Instrukcja-obslugi-Lantech-LGS-2424C-1200.pdf

Have fun.

Title: Re: Netasq U70s with OPNsense
Post by: xobix on February 12, 2020, 11:29:43 am

hy,

I tried it but when I execute the cu command, I can see "Connected" but there is no prompt after and I can't type anything :(

Have you an idea of why ?

Title: Re: Netasq U70s with OPNsense
Post by: intelliop on May 25, 2020, 09:55:41 am

Could you care to share how did you achieve this?  I went to zrouter.org and u70 wasn't listed as one of the supported devices.

Quote from: nsouch on May 01, 2019, 03:53:10 pm

Thanks to the precious help of the zrouter.org team

I succeeded in installing OPNSense on NetASQ U70. The internal switch is connected to the secondary RS232 port of the board.
So, consider the following procedure :

Define 2 VLAN at startup : VLAN 1 et VLAN 2 both on em0 interface then,
Assign em0_vlan1 to WAN
Assign em0_vlan2 to LAN
The switch configuration hereafter has to be respected to obtain :
port 1 = WAN
port 2 to 6 = LAN

Configuration of switch NetASQ_U70 :
cu -s 9600 -l /dev/ttyu1
> vlan
VLAN> aware 1 enable
VLAN> pvid 1 none
VLAN> frame type 1 Tagged
VLAN> aware 2-8 disable
VLAN> pvid 2 1
VLAN> pvid 3-8 2
VLAN> del 1-4094
VLAN> add 1 1-2
VLAN> add 2 1,3-8
VLAN> config
VLAN Configuration:
    Port  Aware    PVID  Ingress Filtering  Frame Type
     1:   enabled none       disabled          Tagged
     2:  disabled    1       disabled          All
     3:  disabled    2       disabled          All
     4:  disabled    2       disabled          All
     5:  disabled    2       disabled          All
     6:  disabled    2       disabled          All
     7:  disabled    2       disabled          All
     8:  disabled    2       disabled          All

    Entries in permanent table:
       1:  1,2
       2:  1,3,4,5,6,7,8
VLAN>
Use the cu(1) escape sequence <Enter> then ~ (tilde) followed by . (dot)

For further reading on the switch CLI : https://www.szafa-rackowa.pl/zalacznik/Instrukcja-obslugi-Lantech-LGS-2424C-1200.pdf

Have fun.