Milestone 1 Hypervisor Setup - InaFricke/SEC-480 GitHub Wiki
Milestone 1 Hypervisor Setup
https://192.168.3.208/ui/#/host/vms/2
| Account | User | Password |
|---|---|---|
| ESXi Host Client | root | RoxiBoxi32 |
| vyos | vyso | RoxiBoxi |
| Xubuntu | ina, inag | RoxiRules480, RoxiBoxi |
| AD | deployer | RoxiRules32 |
Topology
ESXi Installation and Configuration Guide
Overview
This guide covers the installation and configuration of ESXi on physical servers, including network setup and initial VM deployment.
Prepare: Boot to an ESXi8 Installer USB Stick
Create a bootable USB installer using one of the following tools:
- RUFUS (download from Microsoft Store)
- Plug in USB to server 8
Access the Server Console iKVM
Access your assigned server through the iKVM interface.
- Open SUPER MICR > Remote control
Install ESXi
Follow the on-screen prompts to complete the ESXi installation.
- Power control > Set power reset
-
Spam F11 to enter the boot key on the keyboard
-
Find UEFI > select general udisk or sanddisk (choose usb drive) > Enter esxi installer
-
Accept the ULA press F11
-
Selects the smaller of the 2 drives (If there is an astric the last person did not wipe it. DO NOT SELECT
- Set root password
Password: RoxiRules32
-
Accept warnings and allow disk repartitioning F11
-
Success, Remove USB, press enter
Configure the Management Network
- Press F2 > Enter Password > Network Adapters
- Use a static IP assignment based on the host IP provided in the course IP spreadsheet
- DNS
- Reset to save and apply changes
Access the ESXi Web Interface
Navigate to the ESXi web interface using your configured management IP address.
SKIP FOR NOW Remove the IPMI Interface Connection (Optional)
- This step is optional
- There are currently enough interfaces on the course rack switches for everyone to leave the IPMI connection connected if desired
7. Configure Secondary Datastores
Check for any secondary datastores available
Storage > new datastore > name: datastore2 > use full disk
datastore2 > Datastore browser > create directory > name: ISO > X:\ISOs\SP26\SEC480
cd X:\ISOs\SP26\SEC480
- vyos-rolling-latest.iso
- WINDOWS_SERVER_EVAL_x64FRE_en-us_1.iso
- xubuntu-25.04-desktop-amd64.iso
8. Create a Virtual 480-WAN
Reference the ISOs & Networking demo for guidance
- ESXI Host Client > Networking > Virtual switches > Add standard virtual switch > Remove the part with an x keep defaults
- Add a port group > named 480 internal
Deploy Virtual Systems
Deploy the following virtual machines:
480-fw Your cyber.local gateway system
(Route to freeman)
CDROM data store iso connect at power on
Add a new network adapter.
xubuntu-wan: A 480-WAN based virtual machine
Name: 480-MGMT-Ina (xubuntu-wan) WONKY
Select Datastore2 > 1cpu > 20 GB > Network adapter (480 internal) > Disk provisioning (thin provisioned)
CD DVD change to datastore iso file data store 2 Isos xbuntu
Firewall Setup
- Power on
user: vyos
passwd: vyos
install image
yes
skip defaults
Choose the image
passwd: RoxiBoxi
reboot
configure
show interfaces
delete interfaces ethernet eth0 hw-id
delete interfaces ethernet eth1 hw-id
commit
save
show interfaces
set service ssh listen-address 0.0.0.0
commit
save
exit
poweroff
-
Take a snapshot named baseline
-
Add a new network adapter and change it to 480WAN
configure
set interfaces ethernet eth0 address 192.168.3.18/24
set interfaces ethernet eth1 address 10.0.17.2/24
set protocols static route 0.0.0.0/0 next-hop 192.168.3.250
set interfaces ethernet eth0 description ClassGW
set interfaces ethernet eth1 description CyberLab(480-wan)
set system name-server 192.168.4.4
set system name-server 192.168.4.5
set service dns forwarding listen-address 10.0.17.2
set service dns forwarding allow-from 10.0.17.0/24
set service dns forwarding system
set nat source rule 10 source address 10.0.17.0/24
set nat source rule 10 outbound-interface eth0
set nat source rule 10 translation address masquerade
set system host-name 480-fw
commit save
Refrences
fw-eth0: 192.168.3.18
room gateway: 192.168.3.250
fw-eth1: 10.0.17.2
cyber dns: 192.168.4.4, 192.168.4.5
- Reboot then, check interfaces and connectivity
xubuntu-wan setup
-
create new vm > set name to Xubuntu-WAN, 7.0 vm, Linux, Ubuntu Linux 64-bit > place in data store 2 > 2 CPU, 3 GB RAM, 30 GB hard disk, Thin provisioned, network adapter VM network, Datastore ISO of Xubuntu we copied over.
-
set it on the VM network to start
- Do a basic install, update if available (close installer and restart)
- Naming
computername: inaXU
Username: ina
Password: RoxiRules480
- It would not load so I repeated the whole process on a new VM with 2 CPU. This fixed my issue.
- On xubuntu firefox, visit gmcyber/RangeControl'src/scripts/base-vms/ubuntu-desktop.sh'
sudo -i
wget https://raw.githubusercontent.com/gmcyber/RangeControl/refs/heads/main/src/scripts/base-vms/ubuntu-desktop.sh
bash ubuntu-desktop.sh
shutdown -h now
- Edit settings,remove CD-ROM connection to ISO, and switch to the host device
-
Take snapshot
-
Rehost on WAN
- Create a named user
sudo adduser inag
sudo usermod -aG sudo inag
name: inag passwd: RoxiBoxi
- I was getting a 192.168 ip from DHCP for some reason. I manually forced a 10.0. I am not sure this is right.
sudo nmcli connection modify netplan-ens160 ipv4.method manual ipv4.addresses 10.0.17.100/24 ipv4.gateway 10.0.17.2 ipv4.dns 10.0.17.2
sudo nmcli connection down netplan-ens160
sudo nmcli connection up netplan-ens160
sudo ip addr del 192.168.3.60/24 dev ens160
ip addr
Still did not work, created a whole new connection.
Now DNS is not working.
RESET both, and it's working for some reason
Deliverables
Video Demonstration Requirements
Test Case Demonstration
Create a video that demonstrates the test case shown in the proof video.
Required Demonstrations
1. Network Connectivity Test
- From xubuntu-wan, run
tracepathtochamplain.edu - Must show 4 hops
tracepath -bm 4 champlain.edu
2. System Information
- Show the named xubuntu-wan administrative user
- Verify your IP address is 10.0.17.100
ip addr whoami groups inag hostname
3. Web Connectivity
- Browse to or
curlchamplain.edu