Security Onion on VMware Tips

Hi everyone!

So I have been attempting to install Security Onion on my VMware Workstation instance for a while now and it has been mostly chaotic. I know it is likely me skill issuing very hard, but if you fall into some traps and cannot figure out what to do, here are my suggestions.

VMware Config Settings:

  • Make sure you have at least 16GB RAM if you are installing the ‘STANDALONE’ version
  • Set your Network Adapter to ‘Bridged (Automatic)’
  • Add a second Network Adapter as ‘NAT’

If you ever fail with your setup you have the magic command line instead of restarting your instance the hard way. I should have read the documentation on docs.securityonion.net/en/2.4/installation.html as you can rerun setup with:
sudo SecurityOnion/setup/so-setup iso

When you run through the installation wizard, make sure your management interface is set to the bridged network adapter and your Monitor Interface is set to the NAT network adapter.

If you have selected the ‘STANDARD’ method of installation and, after setting up, it cannot establish a connection to sigs.securityonion.net, try the following options:

  1. Try ping -c 4 8.8.8.8. If this results in failed connections, your VMware Network adapter might be playing up. You will need to edit your ‘VMNet0’ adapter settings to restrict your bridged connection to only physical network cards. To do so, you will need to run as administrator and click on ‘Automatic Settings’. Make sure you have powered off your current Security Onion instance and turn it back on again.

    community.broadcom.com/vmware-cloud-foundation/discussion/network-bridge-mode-not-working-windows-10-host has a great explanation of why this may occur. The 12th comment is your golden crown to the solution.
  2. This took a while for me, but if everything works and you still encounter a stuck screen, I suggest you rerun your setup with sudo SecurityOnion/setup/so-setup iso but change your setup from ‘Standard’ to ‘Airgap’ mode. This will install the packages correctly. I thank github.com/Security-Onion-Solutions/securityonion/discussions/12828 for the suggestion.

If a bunch of errors pop up when installing in Airgap mode, do not worry. I also faced this issue. Let it run all the way and when it finishes, restart the machine. Rerun the setup again but this time, select ‘Standard’. I am not sure why this works but you can suddenly download and install the packages successfully.

You might experience a pause for a long time on the download screen but give it a bit of time and it will install itself. The scripts might hang for a long time but give it time and it will install. Depending on your hardware configuration it may take some time. Sit back and relax and let the magic happen.

Voila! Hope it works!
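
The checks described in the post (RAM, two adapters, ping, reaching sigs.securityonion.net) can be collected into one triage script. This is an added example, not part of the original post or of Security Onion; the function names, the 15 GiB tolerance and the HTTPS probe of the signature host are assumptions.

```bash
#!/bin/sh
# Added example: pre-flight triage for the checks in the post above.
# Assumption: a VM given 16GB reports slightly less in MemTotal, so accept >= 15 GiB.
MIN_MEM_KB=$((15 * 1024 * 1024))

# mem_ok FILE: succeed if MemTotal in a /proc/meminfo-style FILE meets the minimum.
mem_ok() {
  mem_kb=$(awk '/^MemTotal:/ {print $2}' "$1")
  [ -n "$mem_kb" ] && [ "$mem_kb" -ge "$MIN_MEM_KB" ]
}

# count_nics DIR: print how many interfaces other than loopback exist in a
# /sys/class/net-style DIR (the post needs two: bridged + NAT).
# Virtual interfaces are counted too, so this is most useful before setup runs.
count_nics() {
  nic_count=0
  for nic in "$1"/*; do
    [ -e "$nic" ] || continue
    [ "$(basename "$nic")" = "lo" ] || nic_count=$((nic_count + 1))
  done
  echo "$nic_count"
}

# diagnose PING_RC SIGS_RC: map the two probe exit codes to the post's next step.
diagnose() {
  if [ "$1" -ne 0 ]; then
    echo "no-route: ping to 8.8.8.8 failed, check VMnet0 bridging (option 1)"
  elif [ "$2" -ne 0 ]; then
    echo "sigs-unreachable: network is up but sigs.securityonion.net is not reachable"
  else
    echo "network-ok: if setup still hangs, rerun so-setup in Airgap mode (option 2)"
  fi
}

# Live probes only run when called with --run, so the functions can be sourced.
if [ "${1:-}" = "--run" ]; then
  mem_ok /proc/meminfo || echo "warning: less than 16GB RAM visible to the VM"
  [ "$(count_nics /sys/class/net)" -ge 2 ] || echo "warning: fewer than two network adapters"
  ping_rc=0; ping -c 4 8.8.8.8 >/dev/null 2>&1 || ping_rc=$?
  # Assumption: the signature host answers HTTPS on its root URL.
  sigs_rc=0; curl -sS -o /dev/null --max-time 10 https://sigs.securityonion.net || sigs_rc=$?
  diagnose "$ping_rc" "$sigs_rc"
fi
```

Run it inside the Security Onion VM with the --run argument; without it the script only defines the functions.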