Without integration drivers this is only good for testing or in my case standing up a spam filter so I can block the spammers that somehow got my test exchange server email address. Those damn bastards!
What I have:
- I am using 2008 R2 Datacenter
- I have 2 physical NICs
On my 08 test server I have AD, DNS, DHCP, IIS, RRAS, Exchange, and Hyper-V roles. This is my host box and playground.
In Hyper-V you need to configure your virtual networks. Open Virtual Network Manager and create an "External" network and an "internal only" network. External must be set to the physical NIC not used by the host box DC. There isn't a wrong way to set up the internal NIC at this point so just create it and label it.
Now what will happen is UT will act as a bridge between the internal only network and the external. To do this we must create an untangle VM and install it as a bridge. Create your virtual machine and after it has been created open the settings and remove the Hyper-V NICs, they won't work right. Click Add hardware, 2 legacy NICs, the first to the external network, the second to the internal network. Make sure on these NICs you have "Enable spoofing of MAC addresses" checked for both. Otherwise the bridging won't work. Save.
Install untangle using the tab key to work through the prompts. OK, it's booted and I am logged in but I can't do anything 'cause the mouse don't work. I tried from the console and all but I found a different way to do this.
http://forums.untangle.com/hacks/263...l-hyper-v.html
- Reboot your VM
- press a key at grub menu and pick the top option
- press e and go to kernel line and press e again
- edit the end of the line; remove "quiet splash" and add "init=/bin/bash"
- press enter then B to boot
You should have booted in single user mode and be at a root prompt.
Type these commands:
- "mount -o remount,rw /"
- "passwd"
- enter the password for root you want to use, twice
- "rm /etc/ssh/sshd_not_to_be_run"
- "reboot"
You will now have an untangle VM that can listen for SSH. Hopefully you wrote down what IP your box pulled or assigned it one. Use PuTTY or whatever to SSH into your VM. OK so I can SSH in so now how do I get external remote access?
UT moved system configuration files into "/usr/share/untangle/settings/", we need to edit one of these files to enable external access. Then restart the UVM.
Run these commands once connected and logged into SSH:
- "cd /usr/share/untangle/settings/untangle-vm"
- locate the "system.js" files and edit them; I used pico
Make sure system.js and system.js-version-xxxxxxxxxx are all edited so the below fields are set:
Code:
"outsideHttpsAdministrationEnabled": true,
"outsideHttpsEnabled": true,
"outsideHttpsQuarantineEnabled": true,
"outsideHttpsReportingEnabled": true,
- Now run "/etc/init.d/untangle-vm restart"
With a little luck you should be able to access the web page and manage your virtual Untangle box now. Edit the configuration as you please. Make sure you're in bridge mode. The NICs due to being legacy work but show no connectivity.
Last part is to set an IP address on your 2008 server in the network share center to an IP you wish to use behind UT. I confirmed I could ping this IP from a workstation to verify my traffic went from PC -> router -> virtual switch -> UT -> internal NIC -> server. I then also did a telnet on 25 to see if my SMTP server responded, it did. Set router port forwards and send a test email from a remote system and watch the SMTP counter go up. YAY. Maybe I can actually use activesync on my phone again without getting emails about how people liked my profile and want a discreet meeting.
I really would discourage using untangle in a production environment with Hyper-V. VMware or hardware would be best for that. Also probably the process above may violate UT support agreement. Though I don't think I did anything extreme here, I still did manually edit some configuration files in the OS which is usually an instant killer for any support. But hey I been wondering how I could do this for a little while now and finally figured it out. So I thought I would share.
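A check for the system.js edit described above, as an added example that is not part of the original post: it reports, for every system.js* file in the settings directory, whether each of the four outside-HTTPS flags is true, so you can confirm no versioned copy was missed before restarting the UVM and see exactly what the box exposes on its external side. The function name is made up for this example, and it assumes each key and its value sit on the same line of the file.

```shell
#!/bin/sh
# Added example, not from the original post.
# Key names and the settings path come from the post; check_outside_flags is a
# hypothetical helper name. Assumes "key": value pairs are not split across lines.

KEYS="outsideHttpsAdministrationEnabled outsideHttpsEnabled
outsideHttpsQuarantineEnabled outsideHttpsReportingEnabled"

# check_outside_flags DIR
# Prints one line per file and key.
# Returns 0 if every flag is true in every system.js* file,
#         1 if any flag is missing or not true,
#         2 if DIR holds no system.js* file at all.
check_outside_flags() {
    dir=$1
    rc=0
    found=0
    for f in "$dir"/system.js*; do
        [ -f "$f" ] || continue          # unmatched glob or not a regular file
        found=1
        for k in $KEYS; do
            # The surrounding quotes keep "outsideHttpsEnabled" from matching
            # the longer key names.
            if grep -Eq "\"$k\"[[:space:]]*:[[:space:]]*true" "$f"; then
                echo "true     $f  $k"
            else
                echo "NOT TRUE $f  $k"
                rc=1
            fi
        done
    done
    [ "$found" -eq 1 ] || { echo "no system.js files in $dir"; return 2; }
    return $rc
}

# Run against a directory given on the command line, e.g.
#   sh check_flags.sh /usr/share/untangle/settings/untangle-vm
[ "$#" -eq 0 ] || check_outside_flags "$1"
```

Any line marked NOT TRUE names a file that still needs the edit; conversely, every line marked true is a service reachable from the outside interface once the UVM restarts.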