September 1st, 2020
Getting Started, Configuring the Appliance
By Mark Unwin - Open-AudIT Founder and Product Lead
Out of the box, the Opmantek VM requires no configuration changes to work, however you may wish to make changes so it complements your particular network environment. Items such as using HTTPS, setting the hostname or configuring the IP stack are all configurable.
Secure Access with https (optional)
The VM ships with support for secure https access enabled, and you can use https instead of http in any of the URLs mentioned.
However, the included certificate-key pair is the same for all VM downloads, and it is a self-signed certificate (for “opmantek.local”). This will cause your browser to display security warnings.
If you want to use https access operationally it is highly recommended that you replace this shared default key-certificate pair with your own (or use an automated certification authority like letsencrypt/ for example).
Debian – Customizing Network Settings (optional)
The Debian team has an excellent wiki page dedicated to customizing the network configuration; this page is available in several languages:
CentOS – Set a custom IP Address and DNS (optional)
At this point the VM has DHCP enabled, and therefore it will receive a dynamic IP address suitable for your environment. The easiest way to access the VM at that point is from the virtualization software terminal. So go ahead and boot the VM. After the VM is finished booting you will be welcomed by a login prompt. First, log in using the default credentials.
If it’s desirable to customize the network settings we offer the following options:
- Option #1 – Manual configuration
The VM appliance is a normal CentOS 7 system, hence all the mechanisms for network configuration in CentOS are available.
Most specifically you’ll be interested in the files:
- Option #2 – Use our example network configuration files
Root’s home directory contains 2 example network configurations, one for static IP’s and one for DHCP. Copy the one you require to
/etc/sysconfig/network-scripts/and edit it to suit:
cp ifcfg-ens192.static /etc/sysconfig/network-scripts/ <interface_name>
Be sure to verify the following settings:
- NAME; the interface name as found with the ip address command
- DEVICE; the interface name as found with the ip address command
Next restart the network service for the setting to take affect. In our testing the DHCP address was still present, and the static IP assigned as a secondary (this can be seen with the ‘ip address’ command). The DHCP address can be removed by using the ‘ip address command del’ command or be rebooting the system.
TYPE=Ethernet IPADDR=192.168.10.201 NETMASK=255.255.255.0 BROADCAST=192.168.10.255 GATEWAY=192.168.10.51 PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE= yes IPV4_FAILURE_FATAL=no IPV6INIT= yes IPV6_AUTOCONF= yes IPV6_DEFROUTE= yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=enp0s3 UUID=9099afe7-6dd6-4aec-bd93-8950b67ab8f5 DEVICE=enp0s3 ONBOOT= yes DNS1=192.168.10.80 DNS2=22.214.171.124