Lab Network Management - nicolas-tullio/Tech-Journal GitHub Wiki

Setup web01-nicolas

  • change the network adapter to LAN, then power on, and run nmtui
  • set the ip to 10.0.5.200/24
  • set gateway, DNS, domain name, and hostname

Configure fw01's SNMP Service

  • On wks01-nicolas go to pfsense (10.0.5.2)
  • Go to settings --> services --> SNMP and enable it
  • Make sure Bind Interfaces is set to LAN
  • Hit restart in the top right.

Setup nmon01

  • change the network adapter to LAN, then power on, and run nmtui
  • set the ip to 10.0.5.11/24
  • set gateway, DNS, domain name, and hostname
  • useradd nicolas.tullio --> passwd nicolas.tullio --> usermod -aG wheel nicolas.tullio
  • edit /etc/ssh/sshd_config to set PermitRootLogin no

Install SNMPD on web01

  • ssh into web01 and run sudo yum install net-snmp-utils net-snmp
  • edit /etc/snmp/snmpd.conf to contain only these lines: [image]
  • run systemctl enable snmpd.service and systemctl start snmpd.service
  • firewall-cmd --add-port=161/udp --permanent

Install SNMP Service on AD01

  • AD01 --> roles and features --> under features find SNMP service and install it

Install SNMP Tools on MGMT01

  • On MGMT01 add roles and features. Look into the features and find SNMP-tools under remote administration

Enable Remote Management on AD01

  • right-click on ad01 and open PowerShell
  • enter: Set-NetFirewallRule -DisplayGroup "Remote Event Log Management" -Enabled True
  • on MGMT01 try to right-click on AD01 again and select computer management
  • Go to services and applications --> services --> SNMP service
  • Go into the security tab and add accepted community name
  • restart the SNMP service on ad01

Query AD01 from nmon01

  • snmpwalk -Os -c SYS265 -v2c ad01-nicolas | wc -l
  • snmpwalk -Os -c SYS265 -v2c ad01-nicolas system

Capturing snmp Packets nmon01 --> web01

  • On web01-nicolas run: sudo tcpdump -i ens192 port 161 -c10 -AAA
  • On nmon01 run: snmpwalk -Os -c SYS265 -v2c web01-nicolas system

Terms to Know

SNMP service

  • Simple Network Management Protocol, an application layer protocol
  • SNMP queries devices on the network for information about network activity.

TCP Dump

  • A data-network packet analyzer computer program that runs under a command-line interface
  • It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached

Remote Event Log Management

  • Installed on systems so that you can view basic logs on one system from another
  • Creates a centralized location to show logs