Props to my man Courtney for turning me onto this nice little Linux distro. It’s called ZeroShell and it does a ton of cool stuff. Ideal for the CCIE Security lab, if resources are an issue. It will run happily on a 5GB harddisk and hardly uses any resources when resting.
So, do you want a full list of ZeroShell’s capabilities? Of course, you do. It will do:
- Load balancing & failover over multiple internet connections
- RADIUS server (802.1x, EAP-TLS, EAP-TTLS, PEAP
- Captive portal for wired and wireless clients
- HTTP proxy
- Multi-zone DNS
- LDAP integration
It’s got a lot of cool features. Check it out over at http://www.zeroshell.org/.
So anyway, Courtney said he was going to document how to get it running on GNS3, and I thought it would be cool to try it out on UNetLab.
I started by creating a folder called win-zeroshell under /opt/unetlab/addons/qemu/ – it’s got to be called win- at the moment, until a linux- template is fixed up. I then copied the latest ISO there. Then I created a 5G disk, and ran the wrapper.
[email protected]:~# cd /opt/ [email protected]:/opt# cd unetlab/ [email protected]:/opt/unetlab# cd addons/ [email protected]:/opt/unetlab/addons# cd qemu/ [email protected]:/opt/unetlab/addons/qemu# cd win-zeroshell/ [email protected]:/opt/unetlab/addons/qemu/win-zeroshell# ls ZeroShell-3.3.2.iso [email protected]:/opt/unetlab/addons/qemu/win-zeroshell# mv ZeroShell-3.3.2.iso cdrom.iso [email protected]:/opt/unetlab/addons/qemu/win-zeroshell# /opt/qemu/bin/qemu-img create -f qcow hda.qcow2 5G Formatting 'hda.qcow2', fmt=qcow size=5368709120 encryption=off [email protected]:/opt/unetlab/addons/qemu/win-zeroshell# ls cdrom.iso hda.qcow2 [email protected]:/opt/unetlab/addons/qemu/win-zeroshell# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions [email protected]:/opt/unetlab/addons/qemu/win-zeroshell#
I then added a new node to a test lab I had on the go and fired it up. Once connected via VNC, you can then install it to the hard drive, by selecting option A from the menu:
The install is straight forward, pretty much just accept all the defaults.
Once the install is done, shut it down, and then rename the cdrom.iso file to something else – otherwise, it’ll boot from the CD-ROM.
Once done, fire it up again. I created a 5GB disk for it, and it is only using a fraction of that:
The actual topology is very simple:
Once the Windows box is on the same subnet, we can access the web GUI. Forgive the crappy colors:
There you go, really quick to set up and loads of features. It’ll do X.509 certificates, a little easier than setting this up on a Windows server, and whilst the GUI certainly won’t win any prizes for the most attractive interface, who want’s style over substance?
This certainly has all the ingredients.
Edit: Here is a link to Courtney’s video. Please check it out. Or view the video here: