Moving (?) from Zentyal to nethserver

It seems we are washing up on the beaches in droves. I am/was a long time user with several personal and commercial installs under my belt. I was an active participant in the community there up until they started shifting away from the gateway product that drew me in. I stopped upgrading my system at 3.3 but have been keeping up with changes hoping to see the original features start returning.

I am now convinced that I am waiting for a ship that will never come in. I am sorry to see her go but Zentyal and I need to part ways. I am pretty attached to Zarafa as a email subsystem given how well it plays with Android as an Exchange replacement.

I am bringing 20+ years working with linux to the table. I am keenly interested in how the two (Nethserver and Zentyal) compare.

Denny

4 Likes

Doh, that’s sad but obviuolsy it’s a big opportunity to see how NethServer is made of!

We’re using SOGo but I have big news concerning a new Groupware, hope to let you know soon :smile:

Oh Denny, so big skills on the table! :+1: do you want to introduce yourself here?

@AbsyntH can help you and give a good feedback! Please post it soon! :smile:

2 Likes

Hi Guys,
I’ve started to use NetServer as an alternative to Zentyal since the 3.5 Version on a home server.
Unfortunately I agree with the former Zentyal users that since they released V3.x the zentyal team did not look at the comunity for feedback/bugs/responses.
As I’ve stated in the zentyal forum. If you design something for the comunity, then listen to the users needs/request/and advices.
If not, then say that it is closed source and that’s it (M$ way of doing business)
Since the curent 4.x version of Zentyal will not scale to the NethServer features i think that we should make a comparision of: eBox/Zentyal / ClearOS / Pfsense / NethServer.

If i may make a suggestion or two :). The feature requests should be somehow grouped and make some sort of a poll with votes (Like top 20 features). So in this way we can see what features are required more over others.

Also a How-To section needs to be more structured (in my opinion) :slight_smile:

I’ll be droping the zentyal 3.5 from production in the next week and try to replace it with NS 6.6 If all goes well I’ll post the results. If not … I’ll post the results anyway.
PS:
Let’s try and not make NethServer a clone of Zentyal/ClearOS but make something far far better :slight_smile:

Best regards
Bogdan

2 Likes

Why not? Do you know those products well enough to write something about?

i’m setting up a nethserver 6.6 to act as a backup server of a zentyal 4.0 when all is ready i will share the case of study :smiley:

2 Likes

I do want to see it :wink: really really curious!

Let’s do an “Ultimate Zentyal to NethServer migration guide” hihi

Thanks for the welcome. I will begin to participate more once I have installed and become familiar with Nethserver.

Sure let’s do it and share you’re feelings!

I’ve been using Zentyal for several years, and prior to that ClearOS preceded by IPCOP. In each case I’ve needed a network gateway that can do content filtering, traffic management, VPN and multi-wan. As Zentyal has moved away from gateway services, NethServer was recommended by a fellow Zentyal user. I just today got a test gateway running that has most of what I need. I’m very pleased with how easy it was to get started and with the robust support for gateway services. I especially appreciate the fact that ntopng and intrusion detection are easily installed, and that free filter blacklists are part of the web proxy package.

All in all, NethServer seems to be very well thought out. Thanks to all who have labored to create such a fine gateway/server package.

5 Likes

Thanks for these compliments! I’m forwarding them to the whole team!
@AZChas @half_life1052 if you want to be helpful that’s a good starting point

1 Like

As soon as Samba4 is integrated, this will be replacing all of my Zentyal deployments. The environments I manage are just too diverse to not have AD/GPO capability. This is a great product! Keep it up!

3 Likes

I moved 11 posts to a new topic: Why not Samba4/AD on NethServer?

I just made the move from Zentyal to Nethserver and I’m very pleased. Zentyal 4.1 has abandoned the gateway functions that I needed; Nethserver has those functions, including transparent proxy, web filtering, traffic shaping, firewall rules and multi-wan. This site has about 100 clients on two local networks, blue and green, and Nethserver manages that traffic to and from a 100Mb Internet connection.

I really appreciate the integration of Ntopng. Zentyal didn’t have any built-in traffic analysis tool, so I usually added Ntopng to my servers, but updates often clobbered my installs. I’m used to the idea of green, blue, orange and red interfaces from using IPCop – I use all 4 types on my network – so I like the way that model is used throughout NS.

I have a blacklist filter source that I have used, but I find that the included blacklists that come with NS work very well, and it’s a nice addition that they are automatically updated.

I have found that traffic moves through my NS gateway about 5-10% faster than it did through Zentyal, suggesting that your design is very efficient.

There are a few things about Zentyal that might make useful additions to NethServer.

Upload blacklist from file: Zentyal has no built-in recommended blacklists, but it does allow you to import a blacklist of your own from a tar.gz file.

Export/import confg backups. The NS automatic backup to USB drive is very nice. Zentyal only supported downloading a config backup to a local computer, which would be a useful addition to the current backup scheme. I keep a hot spare gateway running and attempt to keep the primary and backup machines configured identically, so that I can quickly swap them if I have a hardware failure. I found that I could clone the main server to the spare by moving my backup hard drive from one to the other and doing a restore, but the process would be simpler if I could just upload and restore a config file.

In doing the above cloning, I discovered that the server certificate was not part of the backup and did not copy from my main server to my hot spare. Creating a true clone machine would require moving that certificate manually. It would be nice if this could be changed.

Zentyal has a dashboard notification of updates to installed software, which was nice. It seemed like updates came out daily for either Zentyal or the underlying Ubuntu linux. I haven’t seen many updates for NS, and perhaps they are less frequent. (Also, both of my machines are having issues with the software center, so perhaps I’m not seeing them.)

Zentyal used the L7 filter and then dropped it. L7 is a very nice concept but is woefully out of date and really didn’t work well. If there is a better system for packet analysis and traffic shaping based on classes of services (libprotoident looks interesting), that would be a very useful future addition.

A final comment. I could not have moved to NS so quickly without the help of your excellent user docs and a very responsive user/developer community. The resources for learning about NethServer and the quick responses to questions are far better than anything I experienced when using Zentyal. Thanks!

7 Likes

Certificates added manually have to be added to the /etc/backup-config.d/custom.include.
Here’s mine as an example:
/etc/pki/tls/private/nethesis.key
/etc/pki/tls/certs/nethesis_2015-17.crt

The interface still misses a page to upload the backup, you’ll need to use scp to copy it prior to restore.

Updates are released almost daily, I think you should debug your problems with the software center.
Start with:

yum repolist

You should have:
centos-base
centos-updates
nethserver-base
nethserver-updates
Then a:

yum update

should offer updates or no errors.

l7-filter development seems to have stopped, maybe libprotoident is also stopped.
A promising tool we are evaluating is nDPI (http://www.ntop.org/products/deep-packet-inspection/ndpi/).

Whoa, good point :wink: happy to hear this

Like it, please add a new feature request about. You can use “Reply as linked topic function” on left side

Are you speaking about this?


Please create a new topic on Feature category

New software center has already this functionality, check:
http://www.nethserver.org/nethserver-6-6-released/

Thank you so much friend, this kind of feedback tell us that we’re on the right way!

Alessio: Blacklists are installed in Zentyal from the UI by uploading a blacklist file. NethServer’s approach is a better one, having blacklists built-in. You can always SSH in and add your own blacklists if you wanted something different, and NS does let you create custom categories from the UI, but I was referring to allowing a user to upload an entire list from the UI. Not a big deal.

Filippo: Yes, as soon as I get some time I want to try to find out what is killing the software center. I’ll report back.

Filippo: I don’t want to hijack this thread, but when I do yum update I get the following error:

Loaded plugins: changelog, fastestmirror, nethserver_events, presto
Setting up Update Process
Determining fastest mirrors
YumRepo Error: All mirror URLs are not using ftp, http[s] or file. Eg. Invalid release/
removing mirrorlist with no valid mirrors: /var/cache/yum/x86_64/6/centos-base/mirrorlist.txt
Error: Cannot find a valid baseurl for repo: centos-base

For some reason the mirrorlist.txt files are missing from centos-base and centos-updates, but they are both there for nethserver-base and nethserver-updates. Any thoughts on what might have deleted those files?