Install and Evaluate ITOP - IT Operations software - pfSense

I am going to document my journey while setting up and evaluating ITOP -  an IT Operations Portal from Combodo - http://www.combodo.com/-Overview-.html

The setup will be in a virtual lab and includes the following components Resource Links at the end. NOTE this is strictly a lab setup for evaluation and testing. Although security is mentioned from time to time, this is likely NOT the best setup to use in a production environment. I encourage the user to seek out other resources, vendor best practices and plan accordingly.

1. VMWare Workstation 10 (Version 10.0.1 build-1379776)
2. Centos 7 Operating System (CentOS-7.0-1406-x86_64-Everything.iso)
3. Linux Mint 17 Operation System (linuxmint-17-cinnamon-64bit-v2.iso)
4. pfSense firewall software (pfSense-LiveCD-2.1.4-RELEASE-amd64-20140620-1259.iso)

The basic setup is as shown in the diagram. I use airport names for identification. NOTE: my IPs have changed, need to update this diagram.

I. Networking
Using VMWare Workstation, I have created two vNets for networking.
vNet8 is my "WAN" connection in this setup - it NATs to my physical adapter and is the pathway to the interwebs.
vNet6 is my "LAN" connection. I have it set to 192.168.47.0/24, with a DHCP scope offering 192.168.47.100-150,

I generally put my gateway at .02, and servers at .10, .20, .30, etc.

In vmWare Workstation 10, click Edit >> Virtual Network Editor.

vmWare Networking Screenshot

II. The Firewall
I use a basic pfSense software firewall. It installs in a small virtual machine and provides basic protection inbound and outbound. Igo with the defaults during setup for two nics.

1. Download the software from www.pfsense.org. I am using version 2.1.4 for this project.
2. In vmWare Workstation, click File >> New Virtual Machine (ctrl - n)
3. Choose Typical in the New Virtual Machine Wizard. Click Next.

4. Browse to the pfSense ISO file. Click Next.

5. Choose 'Other' as the operating system type, and FreeBSD in the dropdown list. Click Next.

6. Enter a name for the Virtual Machine. I follow a naming standard of Airport Code - Operating System - Hostname. Click Next.
NOTE: this is only the name of the virtual machine in vmWare, it may or may not be related to the actual host name, although I try and keep 'em the same for consistency.

7. Select the Disk Capacity. For my simple firewall, I go with 4GB, stored in one file. Click Next

8. Click on Customize Hardware to make a few changes.

9. The default hardware includes a basic NAT network adapter and a sound card. Click Add Hardware.

 10. Select Network Adapter. Click Next.

 11. Change to Custom, and select VMNet 6. Click Finish.

 12. I have clicked on the sound card and Removed it. I have changed the existing Network Adapter to VMNet 8 (NAT). I like to be explicit in my settings. Click Close.

13. Review the settings and click Finish.

13. Power On the Virtual Machine. The ISO will boot. After a few minutes the following screen appears:

14. I am not going to setup any VLANs for this project, however I still enter Y as it will display the interface names.

15. Make note of em0 and le0. (I have seen other combinations of interface names). Hit return to bypass any VLAN setup.

16. pfSense asks for the WAN interface and then the LAN interface. I have entered em0 and le0. There is a chance I have them backwards; if so just go swap the two network adapters in the Virtual Machine settings.

17. Hit Enter at the OPT (Optional) interface question. We will not be using it for this project. Review the summary and enter Y to proceed.

18. pfSense will go through the various configuration stages and then present a menu screen when it is all set. As you can see, I did indeed guess wrong on the interfaces and need to swap them. Imagine having two NIC ports on the back of a computer - I am going to switch the cables plugged into each port after install pfSense on the harddrive

19. Enter 99 to Install pfSense to a hard drive. Use the down arrow and click enter to accept the display defaults.

20. Choose Quick and Easy install. Hit Enter.

21. Hit Enter to install pfSense to the virtual hard drive.

22. Choose the Standard Kernal

23. Reboot the virtual machine.

24. The device reboots and starts up with the following screen. All good to go!

The next blog post will cover the Mint17 workstation installation which will be used to interact with the ITOP server.

NOTE: If needed to switch the LAN and WAN, I find it easiest to do the following:
 I enter 6 to Halt (shutdown) the machine. After it is powered off, I open the Virtual Machine Settings and switch Network Adapter to vmnet6, and Network Adapter 2 to vmnet6, the opposite of what they were above. Click OK.

20. Power on the pfSense Virtual Machine. Check the settings:





Resources:
Centos http://www.centos.org/
Linux Mint http://www.linuxmint.com/