Lab01 Network Management - TrippCC/Sys-265 GitHub Wiki

Give web01 and IP, hostname, and sudo user

To add account useradd name passwd name (type Password)

to give user sudo privileges: usermod name -aG wheel

Make sure there are look up zone for all systems

Enabling SNMP

log into firewall from workstation admin/pfsense

services tab >SNMP

Enable the SNMP Daemon and its controls Use your name as the system contact take note of community string/ change it to something you will remember (Champlain123)

configure nmon02

root/Ch@mpl@1n!20

nmtui to set IP, gateway, DNS, domain, and hostname.

add nmon02 to DNS

Disable root ssh: vi /etc/ssh/ssh_config add PermitRootLogin no

use putty to remote into nmon02 make sure it has the correct DNS server

sudo yum install net-snmp-utils

snmpwalk -Os -c (community string) -v2c (name of firewall) system

putty into web01 sudo yum install net-snmp-untils net-snmp (if it gives you error and says "trying another mirror" check the DNS servers and make sure 8.8.8.8 is a secondary)

use "cp firstfilename secondfilename" to copy the /etc/snmp/snmpd.conf to another file

rm /etc/snnmp/snmp.conf this is to delete the file

nano /etc/snmp/snmpd.conf this is to edit the file add:

com2sec myNetwork 10.0.5.0/24 (Community string) group myROGroup v2c myNetwork view all included .1 80 access myROGroup "" any noauth exact all none none

enable snmp: systemctl enable snmpd start snmp: systemctl start snmpd status check:" systemctl status snmpd

allow SNMP through the web01 firewall: firewall-cmd --zone=public --add-port=161/udp firewall-cmd --reload

from mgmt putty into nmon02 SNMPwalk to web01: snmpwalk -Os -c (community string) -v2c (name of server) system

Installing SNMP Service on AD01 Change the firewall rules by enabling the "Remote Event Log Management" Firewall group. On mgmt go to Powershell Enable-PSRemoting -Force Enter-PSSession -ComputerName ad01-mason Set-NetFirewallRule -DisplayGroup "Remote Event Log Management" -Enabled True go to mgmt> Server Manager> Manage> add roles and features> Select ad01> Enable SNMP> Install

Install SNMP tool Remote Administration Feature: On mgmt> Server Manager> Manage> Add Roles and Features> Select mgmt> Features> Remote Server Administration> Feature administration tools> SNMP Tools> Install

Configure Service Security Properties: mgmt> all servers> right click ad01> computer management> Services and applications> services> right click on SNMP and click properties> Enter community strings and add nmon to list of hosts that ad01 can accept packets from. Restart SNMP services

from nmon02 snmpwalk -Os Champlain123 -v2c ad01-mason system

putty into web01 from mgmt> sudo tcpdump -i ens192 port 161 -c10 -AAA

then on nmon> snmpwalk -Os Champlain123 -v2c ad01-mason system