Running ZeroShell in UNetLab


Props to my man Courtney for turning me onto this nice little linux distro. It's called ZeroShell and it does a tonne of cool stuff. Ideal for the CCIE Security lab, if resources are an issue. It will run happily on a 5GB harddisk, and hardly uses any resources when resting.

So, do you want a full list of ZeroShell's capabilities? Of course you do. It will do:
  • Load balancing & failover over multiple internet connections
  • RADIUS server (802.1x, EAP-TLS, EAP-TTLS, PEAP
  • Captive portal for wired and wireless clients
  • QoS
  • HTTP proxy
  • VPN
  • RIPv2
  • STP
  • 802.1Q
  • NAT
  • Multi-zone DNS
  • DHCP
  • LDAP integration
It's got a lot of cool features. Check it out over at http://www.zeroshell.org/.

So anyway, Courtney said he was going to document how to get it running on GNS3, and I thought it would be cool to try it out on UNetLab.

I started by creating a folder called win-zeroshell under /opt/unetlab/addons/qemu/ - it's got to be called win- at the moment, until a linux- template is fixed up. I then copied the latest ISO there. Then I created a 5G disk, and ran the wrapper.
root@unl01:~# cd /opt/
root@unl01:/opt# cd unetlab/
root@unl01:/opt/unetlab# cd addons/
root@unl01:/opt/unetlab/addons# cd qemu/
root@unl01:/opt/unetlab/addons/qemu# cd win-zeroshell/
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls
ZeroShell-3.3.2.iso
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# mv ZeroShell-3.3.2.iso cdrom.iso
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/qemu/bin/qemu-img create -f qcow hda.qcow2 5G
Formatting 'hda.qcow2', fmt=qcow size=5368709120 encryption=off
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls
cdrom.iso  hda.qcow2
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell#
I then added a new node to a test lab I had on the go, and fired it up. Once connected via VNC, you can then install it to the harddrive, by selecting option A from the menu:

Running ZeroShell in UNetLab

The install is straight forward, pretty much just accept all the defaults.

Once the install is done, shut it down, and then rename the cdrom.iso file to something else - otherwise it'll boot from the cdrom.

Once done, fire it up again. I created a 5GB disk for it, and it is only using a fraction of that:

Running ZeroShell in UNetLab

The actual topology is very simple:

Running ZeroShell in UNetLab
Once the Windows box is on the same subnet, we can access the web gui. Forgive the crappy colors:

Running ZeroShell in UNetLab

There you go, really quick to set up and loads of features. It'll do X.509 certificates, a little easier than setting this up on a Windows server, and whilst the GUI certainly wont win any prizes for the most attractive interface, who want's style over substance?

This certainly has all the ingredients.

Edit: Here is a link to Courtney's video. Please check it out. Or view the video here:


CCIE #49337, author of CCNA and Beyond, BGP for Cisco Networks, MPLS for Cisco Networks, VPNs and NAT for Cisco Networks.

Related Posts

Previous
Next Post »