Lab 1: Network Management S20 - adaley0518/Tech_Journal GitHub Wiki

Lab 1: Network Management, this lab involves configuring SNMP services on fw01, web01, and ad01. I'm going to use nmon01 to configure a network monitoring system. This is where I will query the system for SNMP properties.

Configure web01:

  • make sure network adapter is connected to LAN
  • network
    • IP: 10.0.5.200/24
    • Hostname: web01-amber
  • add a named sudo user called yourname
  • check DNS entries for ad01, web01, and fw01

Configure fw01's SNMP Service:

  • enable SNMP services
    • go to 'https://10.0.5.2' for pfsense
    • go to services tab and click 'SNMP'
    • enable the SNMP Daemon and its control
    • port: 161
    • system location: lakeside
    • System Contact: Amber Daley
    • Read Community String: SYS265
    • Bind interfaces: LAN *save and restart the SNMP service

Configure nmon01:

  • set network to LAN
  • networking
    • IP: 10.0.5.11/24 on LAN
    • Gateway: 10.0.5.2
    • DNS: 10.0.5.5
    • Domain: amber.local
    • check off 'Automatically connect'
    • Give host name: nmon01-amber
  • add nmon01 to DNS on ad01
  • add a sudo user, disable root SSH and manage with sudo account via PuTTY from mgmt01 Secured SSH

Install and Test SNMP Client on nmon01:

  • using PuTTY install SNMP
    • command: sudo yum install net-snmp-utils
  • use nslookup 10.0.5.2 to check fw01 connection
  • look at the SNMP values from fw01
    • command: snmpwalk -Os -c SYS265 -v2c fw01-amber system

Install SNMPD on web01:

  • using web01 on PuTTY install snmp
    • command: sudo yum install net-snmp-utils net-snmp
  • make a copy of the snmp configuration file
    • command: cp /etc/snmp/snmpd.conf
  • move the copy to a different directory
    • command: mv /etc/snmp.snmpd.conf ~ (directory)
  • create a new version of the file
    • command: vi /etc/snmp/snmpd.conf
  • edit the file to read the following:
    • "com2sec myNetwork 10.0.5.0/24 SYS265 (next line) group myROGroup v2c myNetwork (next line) view all included .1 80 (next line) access myROGroup "" any noauth exact all none none
  • now enable, start, and check the status of the snmpd service
    • systemctl enable snmpd
    • systemctl start snmpd
    • systemctl status snmpd
  • allow port161/UDP through the firewall permanently
    • command: firewall-cmd --permanent --add-port=161/UDP
    • command: firewall-cmd --reload
  • from nmon01, query web01 DNS
  • on nmon01 check snmp connection
    • snmpwalk -Os -c SYS265 -v2c web01-amber system

Install SNMP Service on AD01

  • install SNMP service feature on AD01 using Server Manager on MGMT

Install SNMP Tools on MHMT01

  • install SNMP-Tools Remote Administration Feature on MGM01

Enable Remote Management on AD01

  • invoke a Remote PowerShell Session with AD01 from mgmt01
    • This will allow the remote computer management for ad01
  • Change the firewall rules once in the PowerShell session
    • command: Set-NetFirewallRule -DisplayGroup "Remote Event Log Management" -Enabled True
  • open Remote Computer Management on AD01 (there should be no error)

SNMP Service Security PRoperties on AD01

  • go to 'Services and Applications' --> "Services"
  • find SNMP Service, right-click for properties
  • go to 'Security'
    • add 'SYS265' to the community names
    • add 'nmon01-yourname'as a host and remove localhost
  • restart SNMP Service on ad01