Jump to:navigation, search
Wiki

Virtualized UTM - ESXi

From Securepoint Wiki





notempty
Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!

notempty
Der Artikel für die neueste Version steht hier

notempty
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Reseller-Preview bezieht

















































De.png
En.png
Fr.png






Setup and configuration of a Virtual UTM in VMware ESXi
Last adaption: 12.4
New:
notempty
This article refers to a Resellerpreview

v11.7

Requirements

  • ESXi 6.7.0 or higher
  • License for the UTM
  • Installation image from the Resellerportal
  • For dimensioning specifications see the following Wiki article

ESXi

Installation image

  • Memory storage
  1. Open file storage browser
  2. Upload installation image

Network

Virtual Switches

For communication, at least two virtual switches are required. Two virtual standard switches are created under "Network" -> "Virtual switches". These are named according to their function (e.g. v_Switch_external, v_Switch_internal). Then an uplink to the physical NetworkInterfaceCard for the external switch is added.

Port groups

Port groups are required so that the switches can be created in the UTM. Again, two port groups are created for the internal and external network and linked to the respective virtual switch.

Virtual machine

  • Virtual machine -> Create/register VM
Setup Wizard
Step 1
Step 1
  • Assign names (Ex: UTM_01)
The following settings have proven to be effective:
updated
Caption Value Description UTM v12.4 ESXi-en.png
Recommended settings
Compatibility: Virtual ESXi 6.7 machine Set compatibility as high as possible.
Guest operating system family: Other Select the family of the guest operating system. Depending on the selection, the version of the guest operating system must be selected accordingly.
Linux
Version of the guest operating system: VMware ESXi 6.5 or higher Based on the guest operating system family selection, select the appropriate version.
Other Linux system (64 bit)
Step 2
Step 2
  • Select storage location
Step 3
Step 3
  • Specifications for CPU, RAM and HDD in the Wiki
  • Do not change SCSI controller & USB controller
  • Network adapter -> as first adapter the switch for the external connection, as second adapter the switch for the internal network
  • CD/DVD drive -> click on Data Storage ISO file and select the installation ISO
  • Select VM -> Switch on -> Console -> Set keyboard to German at the top of the frame


Configuration of the UTM

Scenario 1

Without a client on the internal network, the UTM must be preconfigured for external access via the console.

Uebersicht-konfiguration-cli.png
  • Login admin // insecure
  • Assignment of the external IP
interface address new device eth0 address 178.63.12.253/30
  • Setting an administration IP
manager new hostlist 87.139.55.127/32
  • Set route
route new dst „0.0.0.0/0“ device „eth0“ router „178.63.12.254“
  • Save configuration, set as startup configuration and restart
system config save name test
system config set name  test
system update interface

The last command causes the changes to be applied. Now the web interface of the UTM should be accessible from the IP specified as manager via the external IP of the UTM.

Access is via HTTPS and port 11115

Scenario 2

A client with graphical interface is connected to the internal network of the UTM (Lan 2 // eth1). From here it is possible to access the web interface of the UTM directly. For this purpose, the client only has to get an IP from the IP range 192.168.175.0/24.

Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/ESXi_6.7&oldid=86697"