Running ZeroShell in UNetLab

Props to my man Courtney for turning me onto this nice little Linux distro. It’s called ZeroShell and it does a ton of cool stuff. Ideal for the CCIE Security lab, if resources are an issue. It will run happily on a 5GB harddisk and hardly uses any resources when resting.

So, do you want a full list of ZeroShell’s capabilities? Of course, you do. It will do:

  • Load balancing & failover over multiple internet connections
  • RADIUS server (802.1x, EAP-TLS, EAP-TTLS, PEAP
  • Captive portal for wired and wireless clients
  • QoS
  • HTTP proxy
  • VPN
  • RIPv2
  • STP
  • 802.1Q
  • NAT
  • Multi-zone DNS
  • DHCP
  • LDAP integration

It’s got a lot of cool features. Check it out over at

So anyway, Courtney said he was going to document how to get it running on GNS3, and I thought it would be cool to try it out on UNetLab.

I started by creating a folder called win-zeroshell under /opt/unetlab/addons/qemu/ – it’s got to be called win- at the moment, until a linux- template is fixed up. I then copied the latest ISO there. Then I created a 5G disk, and ran the wrapper.

root@unl01:~# cd /opt/
root@unl01:/opt# cd unetlab/
root@unl01:/opt/unetlab# cd addons/
root@unl01:/opt/unetlab/addons# cd qemu/
root@unl01:/opt/unetlab/addons/qemu# cd win-zeroshell/
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# mv ZeroShell-3.3.2.iso cdrom.iso
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/qemu/bin/qemu-img create -f qcow hda.qcow2 5G
Formatting 'hda.qcow2', fmt=qcow size=5368709120 encryption=off
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# ls
cdrom.iso  hda.qcow2
root@unl01:/opt/unetlab/addons/qemu/win-zeroshell# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

I then added a new node to a test lab I had on the go and fired it up. Once connected via VNC, you can then install it to the hard drive, by selecting option A from the menu:

Running ZeroShell in UNetLab

The install is straight forward, pretty much just accept all the defaults.

Once the install is done, shut it down, and then rename the cdrom.iso file to something else – otherwise, it’ll boot from the CD-ROM.

Once done, fire it up again. I created a 5GB disk for it, and it is only using a fraction of that:

Running ZeroShell in UNetLab

The actual topology is very simple:

Running ZeroShell in UNetLab

Once the Windows box is on the same subnet, we can access the web GUI. Forgive the crappy colors:

Running ZeroShell in UNetLab

There you go, really quick to set up and loads of features. It’ll do X.509 certificates, a little easier than setting this up on a Windows server, and whilst the GUI certainly won’t win any prizes for the most attractive interface, who want’s style over substance?

This certainly has all the ingredients.

Edit: Here is a link to Courtney’s video. Please check it out. Or view the video here: