Announcement

Collapse
No announcement yet.

Dome Firewall VA 2.6 and Central Manager 1.4 Release Announcement

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dome Firewall VA 2.6 and Central Manager 1.4 Release Announcement

    Hi Everybody,

    We are happy to announce global availability of Dome Firewall Virtual Appliance 2.6.0 and Central Manager 1.4.0. This release provides several improvements and various fixes. This post communicates all the major changes in Dome Firewall 2.6.0 and Central Manager 1.4.0.

    What's New ?
    • L2TP VPN Support: By using L2TP IPSEC PSK client-to-site VPN tunnels now can be created for mobile devices, smartphones and tablets.
    • Dome Firewall Central Manager now can be used for managing VPN settings and users of multiple remote Dome Firewalls from a single window and without having to leave your seat.
    • A new bootable USB Script is available for creating USB Sticks for installing Dome Firewall 2.6.0 physical machines of your choice. Please check below for How-to.

    All previous versions of Dome Firewall Central Manager are updated to 1.4.0 and in order to upgrade Dome Firewall to latest version go to System > Firmware and hit Upgrade button. For more info please visit: https://help.comodo.com/topic-451-1-...e-Version.html


    Feel free to check the attached Release Notes for further information.

    Click here to learn more about Dome Firewall and get your own copy of the software today, it's FREE!!



    How to create USB Sticks for installing Dome Firewall 2.6.0 to hardware appliance of your Choice:

    This guide will help you create USB installation sticks for Dome Firewall 2.6.0.

    Prequisites:
    • Ubuntu 14.04 (or an equivalent debian distro)
    • A Dome Firewall 2.6.0 ISO image to use
    • A USB flash disk of at least 2GB ( Warning : the contents of the disk will be completely erased after the operation)
    • A debian based distro
    • The installer script

    Here you can find the Installer Script https://cdome.comodo.com/release-notes/DomeFWUSBscript/make_usb_installer.sh

    >Step 1: Copy the script to a local folder

    Code:
     $ mkdir usb-creation  
     $ cd usb-creation  
     $ cp  ./make_usb_installer.sh .
    >Step 2: Insert the target USB media into one of the USB ports, note the mounted device

    >Step 3: Invoke the script as shown below:

    Assuming the USB Port is mounted as /dev/sdc , if else please update below path accordingly.

    Code:
     $  ./make_usb_installer.sh /dev/sdc <path-to-iso-image>

    Now your USB installation stick is ready to be used! All you have to do is insert USB into the phsyical appliance of your choice and hit Enter in the installation screen that shows "Install Dome Firewall"
    Attached Files
    Last edited by bulut; 10-31-2018, 07:05 PM.

  • #2
    Hi,
    Register to Central Manager


    not working,

    turn it on, add IP and ORG remark, connect. All saves but noting happens

    Noting in Pending Devices.

    James Dyke.
    Director DittoIT.
    www.DittoIT.co.uk
    Backup, Disaster Recovery & Business Continuity.

    Comment


    • #3
      Also, NEED DNS to be allowed for the server "ip" im running this in Azure so to reduce cost a DNS name would be nice.
      James Dyke.
      Director DittoIT.
      www.DittoIT.co.uk
      Backup, Disaster Recovery & Business Continuity.

      Comment


      • #4
        dittoit ,

        We have created a support ticket to assist you further with your reported issue.

        Comment


        • #5
          Hello,

          The download link for the usb installer isn't working.

          Thanks

          Comment


          • #6
            As of this post, we are able to download the shell script for the USB installer using the following link:
            You may want to try using a different browser if your current one is still not allowing you to download it. If somehow you are still unable to download it, feel free to copy+paste the contents of the shell script below:
            Code:
            #!/bin/bash
            
            export THIS=$(basename $0)
            
            if [ $# -ne 2 ]; then
                echo "usage: $THIS [usb_dev_entry] [Comodo_UTM_iso]"
                echo
                echo "example:"
                echo "       $THIS /dev/sdb ~/Downloads/ComodoUTM-1-1-0-598-i386.iso"
                exit 1;
            fi
            
            export FLASH=$1
            export ISO_IMAGE=$2
            export PRIMARY_PARTITION=${FLASH}1
            export LABEL="Comodo_UTM"
            export PTYPE=msdos
            export FLASH_MNT_DIR=$(tempfile)
            export ISO_MNT_DIR=$(tempfile)
            
            # Environmental variables
            export BAUD=${BAUD-115200}
            
            ask_question() {
                local QUESTION="$*"
            
                while [ 1 ]; do
                    echo -n "$QUESTION (y/n): "
                    read ANSWER
            
                    [ -n "$ANSWER" ] || continue
            
                    if [ "$ANSWER" == "y" ]; then
                        return 0
                    elif [ "$ANSWER" == "n" ]; then
                        return 1
                    fi
                done
            }
            
            get_flash_size() {
                parted -s $FLASH print|awk '/^Disk/ {print $3}'|sed 's/[Mm][Bb]//'
            }
            
            print_flash_partitions() {
                parted -s $FLASH print|awk '/^ / {print $1}'
            }
            
            remove_all_partitions() {
                echo "+ Removing all partitions on $FLASH"
                if ! ask_question "  ! All the data on $FLASH will be lost. Do you want to continue ?"; then
                    echo "Quiting"
                    exit 0
                fi
            
                for v_partition in $(print_flash_partitions); do
                    echo -n "  -> removing ${FLASH}${v_partition} "
                    parted -s $FLASH rm ${v_partition} && echo "ok" || echo "failed"
                   done
            }
            
            create_partition_table() {
                local SIZE=$1
            
                echo "+ Creating a new partition on $FLASH"
                parted -a optimal $FLASH mklabel $PTYPE
                parted -a optimal -- $FLASH unit compact mkpart primary ext3 "1" "-1"
                parted $FLASH set 1 boot on
                mkdosfs -n "$LABEL" $PRIMARY_PARTITION && echo "OK. That's it"
            }
            
            create_temp_dirs() {
                rm -f $FLASH_MNT_DIR $ISO_MNT_DIR
                mkdir -p $FLASH_MNT_DIR
                mkdir -p $ISO_MNT_DIR
            }
            
            get_flash_uuid() {
                blkid|grep ${PRIMARY_PARTITION}|awk '{gsub(/UUID=/, "", $3); print $3;}'|tr -d '"'
            }
            
            mount_iso_and_flash() {
                # Mount ISO image
                mount -o loop $ISO_IMAGE $ISO_MNT_DIR || return 1
            
                # Mount FLASH disk
                mount $PRIMARY_PARTITION $FLASH_MNT_DIR || return 1
                rm -rf $FLASH_MNT_DIR/*
            }
            
            copy_iso_files() {
                echo "+ Copying ISO files"
            
                #rsync -ah --progress $ISO_MNT_DIR/isolinux/ $FLASH_MNT_DIR/syslinux/ --exclude=postinstall
                rsync -ah --progress $ISO_MNT_DIR/isolinux/ $FLASH_MNT_DIR/syslinux/
                sleep 2
                rsync -ah --progress $ISO_MNT_DIR/ks $FLASH_MNT_DIR/
                sleep 2
                rsync -ah --progress $ISO_MNT_DIR/images $FLASH_MNT_DIR/
                sleep 2
                rsync -av --progress $ISO_IMAGE $FLASH_MNT_DIR/
                sleep 2
                # Remove all ISO specific files
                find $FLASH_MNT_DIR -name TRANS*|xargs rm -f
            
                echo "+ Unmounting $PRIMARY_PARTITION"
                sync
                umount $PRIMARY_PARTITION
            
                echo "+ Running syslinux"
                syslinux -i -d syslinux $PRIMARY_PARTITION
            
                echo "+ Installing MBR"
                install-mbr ${FLASH}
            
                echo "+ Configuring syslinux.cfg"
                mount $PRIMARY_PARTITION $FLASH_MNT_DIR
            
                local UUID=$(get_flash_uuid)
            cat<<EOF > $FLASH_MNT_DIR/syslinux/syslinux.cfg
            default vesamenu.c32
            prompt 0
            
            menu background splash.jpg
            menu title Welcome to ComodoUTM Installation!
            menu color border 0 #ffffffff #00000000
            menu color sel 7 #ffffffff #ff000000
            menu color title 0 #ffffffff #00000000
            menu color tabmsg 0 #ffffffff #00000000
            menu color unsel 0 #ffffffff #00000000
            menu color hotsel 0 #ff000000 #ffffffff
            menu color hotkey 7 #ffffffff #ff000000
            menu color timeout_msg 0 #ffffffff #00000000
            menu color timeout 0 #ffffffff #00000000
            menu color cmdline 0 #ffffffff #00000000
            
            serial 0 ${BAUD}
            
            label ubnentry1
            menu label ^Install or upgrade an existing system
            kernel /syslinux/vmlinuz
            append initrd=/syslinux/initrd.img LANG=en_US.UTF-8 repo=hd:UUID=${UUID}:/ ks=hd:UUID=${UUID}:/ks/ks.cfg console=tty0 console=ttyS0,${BAUD}n8
            
            label ubnentry3
            menu label ^Rescue installed system
            kernel /syslinux/vmlinuz
            append initrd=/syslinux/initrd.img rescue console=tty0 console=ttyS0,${BAUD}n8
            
            label ubnentry4
            menu label ^Memory test
            kernel /syslinux/memtest
            append initrd=/ubninit -
            EOF
                cp $ISO_MNT_DIR/ks-usb/ks.cfg  $FLASH_MNT_DIR/ks/
            
                echo "+ Unmounting $PRIMARY_PARTITION"
                sync
                umount $PRIMARY_PARTITION
            }
            
            cleanup_everything() {
                echo "+ Finishing"
                umount $PRIMARY_PARTITION 2>/dev/null
                umount $ISO_MNT_DIR 2>/dev/null
                rm -rf $FLASH_MNT_DIR $ISO_MNT_DIR
            }
            
            trap "cleanup_everything" EXIT
            
            ### main
                remove_all_partitions   && \
                create_partition_table  && \
                create_temp_dirs        && \
                mount_iso_and_flash     && \
                copy_iso_files
            
            
            UUID=$(get_flash_uuid)
            cat<<EOF > $FLASH_MNT_DIR/syslinux/syslinux.cfg
            default vesamenu.c32
            prompt 0
            
            menu background splash.jpg
            menu title Welcome to ComodoUTM Installation!
            menu color border 0 #ffffffff #00000000
            menu color sel 7 #ffffffff #ff000000
            menu color title 0 #ffffffff #00000000
            menu color tabmsg 0 #ffffffff #00000000
            menu color unsel 0 #ffffffff #00000000
            menu color hotsel 0 #ff000000 #ffffffff
            menu color hotkey 7 #ffffffff #ff000000
            menu color timeout_msg 0 #ffffffff #00000000
            menu color timeout 0 #ffffffff #00000000
            menu color cmdline 0 #ffffffff #00000000
            
            serial 0 ${BAUD}
            
            label ubnentry1
            menu label ^Install or upgrade an existing system
            kernel /syslinux/vmlinuz
            append initrd=/syslinux/initrd.img LANG=en_US.UTF-8 repo=hd:UUID=${UUID}:/ ks=hd:UUID=${UUID}:/ks/ks.cfg console=tty0 console=ttyS0,${BAUD}n8
            
            label ubnentry3
            menu label ^Rescue installed system
            kernel /syslinux/vmlinuz
            append initrd=/syslinux/initrd.img rescue console=tty0 console=ttyS0,${BAUD}n8
            
            label ubnentry4
            menu label ^Memory test
            kernel /syslinux/memtest
            append initrd=/ubninit -
            EOF
                cp $ISO_MNT_DIR/ks-usb/ks.cfg  $FLASH_MNT_DIR/ks/
            
                echo "+ Unmounting $PRIMARY_PARTITION"
                sync
                umount $PRIMARY_PARTITION

            Comment


            • #7
              Hi, is there a minimum spec to run Dome Firewall direct on hardware? i.e. CPU/RAM/NIC..etc

              Comment


              • #8
                Hello Marveltec,
                • Please ensure your PC meets the following minimum requirements:
                • 1 x Intel or equivalent CPU
                • 2 GB RAM
                • 4 GB Storage
                • 2 x 1 GbE NIC
                Thank you,

                Comment


                • #9
                  Hello MattBlacK85,

                  May we request to try the link below.

                  https://cdome.comodo.com/release-not...b_installer.sh

                  Thank you and please let us know if the given link works for you.

                  Comment


                  • #10
                    Hi,

                    been playing with dome firewall and central manager.

                    which port does Central manager communicate back to the firewall on?

                    Feature request:
                    need the ability for the firewall to send a custom domain name "firewall.yourdomain.com" instead of the internet IP set on the interface to Central Manager so that it can communicate with Firewalls behind an LTE/Gateway device that controls the internet breakout.

                    Comment


                    • #11
                      Hello Marveltec,

                      Thank you very much for providing us your suggestion for "[Dome Firewall Central Manager] Feature request: Ability to send us a custom domain instead of the internet IP". Your input is important to us as it will help to improve the usefulness of C1 for the entire users community.

                      We have submitted your request to our product team. They will review it and determine where it will fit best on the product road-map. You will also receive an email from us shortly regarding on your other query.

                      Thank you.

                      Comment


                      • #12
                        Hi I have been testing Dome Firewall running on both VM and Hardware and there seems to be an issue with HTTPS/Web filtering it works intermittently and the service seems to crash often requiring a reboot of the VM or Hardware or making changes to the HTTPS proxy settings and updating which restarts the service.

                        Comment


                        • #13
                          Marveltec ,

                          We have created a support ticket in assisting you further with your report. Please check your forum registered email for some details we might need for investigation.

                          Comment

                          Working...
                          X