This page journals content related to SYS-350 milestone 1.

Table of contents

1. ESXI Configuration
   1. ESXI Reflection
2. Datastore/Virtual switch setup
   1. Datastore/Virtual switch reflection
3. GW01-WAN Setup
   1. GW01 reflection
4. Xubuntu setup
   1. Xubuntu reflection
5. mgmt1/firewall setup
   1. mgmt1 and firewall reflection
6. Base images
   1. pfSense base image setup
   2. Xubuntu base image setup
   3. Base images reflection

ESXI Configuration

NOTE: IP during setup was changed from 192.168.7.21 to 192.168.7.20 after ESXI had been setup!

First I accessed the IPMI of my server and logged in:

Then I went over to "Remote Control" > then accessed the server using the "iKVM/HTML5" tab/button:

This popped up a screen > I powercycled the server with the "Power Control" > then while the Supermico was booting I pressed F11 until I got the boot menu:

On the above screen I selected "General UDisk 5.00":

Then I selected the ESXI installer which started the installer:

The installer loaded:

I used "Continue" with Enter > "Accepted and Continue" with F11> the right storage device was already selected (the smallest (476GB) disk) and I installed ESXI on it with Enter:

And I selected to "Install ESXI, overwrite VMFS datastore" with Space > pressed Enter:

Then I selected my language "US Default" > set my Root password WHICH I SAVED:

Then got this screen and pressed Enter to continue:

Then I doubled checked my Install and Installed!

Install Completed:

I then removed the USB and rebooted the box > and pressed F11> selected the Micron drive (the drive I installed ESXI on:)

I was then met with the ESXI host configuration login screen after startup:

Then I pressed F2 > logged in with root which presented me this screen:

Then in "Configure Management Network" > "Network Adapter" > I set the adapter to vmnic1 as it was the interface I had connected:

Then in "IPv4 Configuration" I set the following IP information:

NOTE: This IP address would later be changed to "192.168.7.20"

Then in "DNS Configuration" I set:

Then in "Custom DNS Suffixes" I set the suffix:

Then I pressed Esc, applied the changed and restarted the management network with a "Y" to the prompt:

And then I could go to my set IP and I get the login to my ESXI web interface:

ESXI Reflection

This step was very familiar to me as I had done the exact same steps in my NET/SEC/SYS 480 class. Where I had most of the trouble was in setting my IP address from .21 to .20. When I initially set it I could no longer access my ESXI web interface. After troubleshooting this seemed to be a DNS issue in the lab and it is working as expected. I also had to reboot the box a couple of times when trying to access the ESXI host configuration since for some reason the Micron drive wasn't set as the boot default? I am not sure why this occurred but as I don't plan on restarting my server it is fine for now.

Datastore/Virtual switch setup

First I didn't accept the program:

Then in "Storage" > selected the "Devices" tab > selected the spare drive I have (the bigger of the 2) and used "Actions" drop down to clear the partition table:

Then I went to "Datastores" > "New datastore" and set the following settings:

(NOTE: Did select to erase data on the drive)

I also renamed the "datastore1" to "datastore1-super10":

Then I used the "Datastore browser" to create a folder on datastore2 > uploaded all of the needed ISOs for the lab:

Then I went to "Networking" > "Virtual switches" > "Add standard virtual switch" and added the following virtual switch:

(NOTE: REMOVED UPLINK)

Then in Port groups (still in Networking) pressed "Add port group" and created a port group with the following details:

The virtual switch created:

Datastore/Virtual switch reflection

This step was very familiar as it was almost the same as my NET/SEC/SYS 480 class. One major deviation was that I had to find out how to clear the partition table, as when I originally went to make a new datastore I ran into the issue of not having the ability to make it on my second drive. After investigating I deduced that since the drive had been used previously and was partitioned that was why ESXi couldn't make it a datastore. By clearing the partitions off it, I could then add it as a datastore.

GW01-WAN Setup

I right clicked "Virtual Machines" > "Create/Register VM" > set the following settings to make "GW01-WAN" (screenshots show non-default info):

Then I went into "Virtual Machines" tab > selected "GW01-WAN":

Then went to "Edit" > added the pfSense iso (used dropdown to select "Datastore ISO file" > selected iso using "Browse...":

Then rebooted the VM and clicked on the preview screen:

Pressed "Accept" > "Install":

Set "Auto (UFS)" > "Entire Disk":

Then once the system rebooted I pressed space > set the WAN interface > then the LAN interface > proceeded:

Then once it loaded I was met with the following:

I then selected 2 to "Set interfaces(s) IP address" and did the following (screenshots for the entire process are below):

1. 1 for the WAN

2. No DHCP

3. Set IP to "192.168.7.81"

4. Set subnet to /24

5. Set the upsteam/gateway to "192.168.7.250"

6. Did not set up IPv6

(Pressed Enter for none above)

With the WAN set I could ping google.com in the "Shell":

Then using the same process as above I set my LAN:

1. 2 for the LAN

2. No DHCP

3. Set IP to "10.0.17.2"

4. Set subnet to /24

5. Did not set the upstream gateway

6. Did not setup IPv6

Setup complete below:

GW01 reflection

This step went fairly smoothly as I have worked with pfSense before and have personally set it up from scratch, even the setup of the IP's was smooth. I did forget to take a snapshot of the VM, resulting in the necessity to make a pfSense base image, a mistake I do repeat for Xubuntu. Overall I do enjoy pfSense for it's simplicity but I have gained a lot of experience in Vyos and I have a lot of automation already built/know how to build so I would still call it my favorite.

Xubuntu setup

Then I created a VM for Xubuntu called "xubuntu2204.base" with the following specifications:

With the VM created I started it up and using the "Console" dropdown accessed the console in a new tab:

Then I selected to install Xubuntu > selected to "Install Xubuntu":

Then I selected the default language and setup a minimal installation:

Then selected to "Erase disk and install Xubuntu" (accepting to write the partition changes):

Then I set my timezone and created a generic user for Xubuntu with the following specifications:

1. Username set to genuser

2. Hostname of the computer set to xbase

3. Password set for genuser

With this finished the install would begin!

NOTE: Here I would make the pfSense base image as I had forgot to setup my GW01-WAN as a base image and needed to make a dedicated VM for it.

Xubuntu reflection

This step was pretty uneventful overall, as I have setup Xubuntu numerous times know especially in a minimal installation. What mistake I did make was like pfSense I forgot to make a base snapshot before it rebooted, which I could have fixed by sysprepping the VM before installing other stuff on it but as we see later that did not happen :).

mgmt1/firewall setup

NOTE: "xbase" is renamed to "mgmt1" at the end of the section

Once the Xubuntu installation was complete, I restarted the ""xubuntu2204.base"" VM (at the prompt inside the VM, did need to press Enter once at the blackscreen) and was met with this screen:

Once logged in I clicked the upper right spinning wheel next to the bell > "Edit Connections..." > selected "Wired connection 1" and then the gear wheel > set the following IPv4 settings:

After a few seconds I could go into the web browser and use "https://10.0.17.2" to access the pfSense login screen:

Where I used the default admin credentials of admin/pfSense to login and access the wizard:

In step 1 of the wizard I pressed continue > in step 2 I set the following

1. Hostname: "pfsuper10"

2. Domain: "oliver.local"

3. Primary dns: "1.1.1.1"

I then pressed "Next" and continued with default settings until step 4 in which I unchecked the "RFC1918 Private Networks" checkbox:

Then I continued until step 6 where I set my admin password WHICH I WROTE DOWN!

I then continued on with the steps as default values > reloaded pfSense (was prompted to do so) > arrived at this screen:

Example below showing that from my xbase management VM I can access the internet:

Finally I would go back into the ESXI host managment and reset the ESXI hostname to "super10" (see here to see how to get to this screen as it is the same one I accessed for "DNS Configuration" during the ESXI Configuration):

Then I pressed Esc, applied the changed and restarted the management network with a "Y" to the prompt.

And then I went back to my "xubuntu2204.base" VM > changed it's hostname from "xbase" to "mgmt1" with the following:

sudo hostnamectl set-hostname mgmt1

mgmt1 and firewall reflection

The pfSense setup and the Xubuntu finishing steps were pretty easy as I have done them in previous classes. Here also shows that I did not sysprep my Xubuntu and would later have to go back and make a Xubuntu base image. I may go back later and destroy the Xubuntu management VM > create a linked clone from base to save space but as I have 900GB on the datastore2 I should be fine. I did also install google remote desktop/google chrome on "mgmt1" but did not include it in this tech journal as it is a personal preference and not a lab requirement (but I do plan on making a guide for it as it seems to be a process I do a lot.) When I originally setup ESXI I also gave the ESXI a weird hostname that I corrected as the last thing by changing it to "super10" - doesn't change anything technical but I though it looked nicer. I also forgot to change "xbase" to "mgmt1" until the end of the section. Overall I liked the lab and it feels like a nice refresher of topics I covered last semester. I see on the horizon that vcenter installation will be next week which I am excited for as it means I will be able to more quickly manage my VMs.

Base images

While going through this lab I did not make base images for pfSense and Xubuntu from GW01-WAN and xubuntu2204.base. Below details the creation of each base VMs.

pfSense base image setup

NOTE: This creation took place originally while "xubuntu2204.base" was going through its installer created.

At this point I created another vm called "pf.base" in which I created an exact replica of GW01-WAN's VM settings and installed pfSense BUT SHUTDOWN INSTEAD OF REBOOTING (see GW01-WAN Setup) > disconnected its cd by changing it to "Host Device":

And created a snapshot by going to the "Actions" tab on the VM > "Snapshots" > "Take Snapshot":

And I named the snapshot "Base":

Xubuntu base image setup

I created a vm called "xubuntu2204.base2" with the following VM specifications (ISO file was set to the same Xubuntu ISO used for "xubuntu2204.base"):

I then went through the Xubuntu installer, making the same user/setting the same hostname as seen in Xubuntu setup. I then powered off and on "xubuntu2204.base2" and once logged in I clicked the upper right spinning wheel next to the bell > "Edit Connections..." > selected "Wired connection 1" and then the gear wheel > set the following IPv4 settings:

(NOTE: Did require unchecking the "Enable Networking" checkbox and re-checking it as I incorrectly set the DNS. Doing this allows networking to reset itself)

Then I ran the following command to add the instructors sysprep script and run it:

sudo -i
wget https://raw.githubusercontent.com/gmcyber/RangeControl/main/src/scripts/base-vms/ubuntu-desktop.sh
bash ./ubuntu-desktop.sh
shutdown now

Then once the VM shutdown I edited its settings > removed the ISO file (set to host device):

And then I went to the "Actions" tab on the VM > "Snapshots" > "Take Snapshot" > took a snapshot named "Base":

Base images reflection

Both of these were a good reminder that I have to take a second when going through the lab to read instruction/think about what I am doing. Something I mentioned before that I will probably end up doing it replacing my management VM with a linked clone of the base. My management clone also doesn't have openvm-tools so I will probably install that aswell.