Props to my man Courtney for turning me onto this nice little linux distro. It's called ZeroShell and it does a tonne of cool stuff. Ideal for the CCIE Security lab, if resources are an issue. It will run happily on a 5GB harddisk, and hardly uses any resources when resting.
So, do you want a full list of ZeroShell's capabilities? Of course you do. It will do:
- Load balancing & failover over multiple internet connections
- RADIUS server (802.1x, EAP-TLS, EAP-TTLS, PEAP
- Captive portal for wired and wireless clients
- QoS
- HTTP proxy
- VPN
- RIPv2
- STP
- 802.1Q
- NAT
- Multi-zone DNS
- DHCP
- LDAP integration
It's got a lot of cool features. Check it out over at http://www.zeroshell.org/.
So anyway, Courtney said he was going to document how to get it running on GNS3, and I thought it would be cool to try it out on UNetLab.
I started by creating a folder called win-zeroshell under /opt/unetlab/addons/qemu/ - it's got to be called win- at the moment, until a linux- template is fixed up. I then copied the latest ISO there. Then I created a 5G disk, and ran the wrapper.root@unl01:~# cd /opt/ root@unl01:/opt# cd unetlab/ root@unl01:/opt/unetlab# cd addons/ root@unl01:/opt/unetlab/addons# cd qemu/ root@unl01:/opt/unetlab/addons/qemu# cd win-zeroshell/ root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls ZeroShell-3.3.2.iso root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# mv ZeroShell-3.3.2.iso cdrom.iso root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/qemu/bin/qemu-img create -f qcow hda.qcow2 5G Formatting 'hda.qcow2', fmt=qcow size=5368709120 encryption=off root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls cdrom.iso hda.qcow2 root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions root@unl01:/opt/unetlab/addons/qemu/win-zeroshell#I then added a new node to a test lab I had on the go, and fired it up. Once connected via VNC, you can then install it to the harddrive, by selecting option A from the menu:
The install is straight forward, pretty much just accept all the defaults.
Once the install is done, shut it down, and then rename the cdrom.iso file to something else - otherwise it'll boot from the cdrom.
Once done, fire it up again. I created a 5GB disk for it, and it is only using a fraction of that:
The actual topology is very simple:
Once the Windows box is on the same subnet, we can access the web gui. Forgive the crappy colors:
There you go, really quick to set up and loads of features. It'll do X.509 certificates, a little easier than setting this up on a Windows server, and whilst the GUI certainly wont win any prizes for the most attractive interface, who want's style over substance?
This certainly has all the ingredients.
Edit: Here is a link to Courtney's video. Please check it out. Or view the video here: