sophos utm9 migration to OPNsense

Started by pjottrr, Today at 08:08:58 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 08:08:58 PM
Hi all,

a few months ago we started prepping for a migration from sophos utm9 to OPNsense  since sophos will end support in june 2026.
we are currently running sophos and opnsense both on a sophos xg 330, ( 2 identical devices)
 
since sophos is quite different compared to opnsense we decided to export the sophos  configuration  and using a bunch of scripts to extract the proper data, and import everything via the api.

so far what we have been able to export and import succesfull: 

aliasses
allias groups ( it builds groups based on the firewall rules)
services
Services groups , (same as alias groups)
Firewall rules
nat rules
most  WAF related things, creating a new ha-proxy config for every virtual webserver. 

so i thought, since sophos utm is near EOL, maybe someone else can also benefit from those scripts.
i just started committing to github, so it is empty right now, but i expect the scripts to be there very soon
you can find the proper scripts on my github: https://github.com/pjottrr/sophosutm9_to_OPNsense_migrationtool
 

If you have any question, just send me a message
my native language is dutch
Today at 10:34:52 PM #1
Just fyi:

https://docs.opnsense.org/vendor/deciso/opnwaf.html

It's almost the same apache configuration and web application features as in UTM, and we support it fully in business support (if you ever need it).

If you want to stay mostly in community scope HA proxy is also fine.
Hardware:
DEC740
Today at 10:36:29 PM #2
we did buy the business edition, but everything is already configured in HA proxy now, but thnx for the tip
Print
Go Up Pages1
User actions