After setting up TACACS+ and FreeRADIUS I decided to go ahead and add more services to my main test lab server. I am using CentOS in the lab, and decided to add a syslog server and an FTP server to the mix.
Rsyslogd
This part is simple, as rsyslogd is also our production syslog server. First, uncomment a few lines in /etc/rsyslog.conf. The important ones are the last two of the listing: they load the imudp module and tell rsyslogd to listen on UDP port 514. Syslog over UDP carries no authentication or integrity protection and the source address is trivially spoofed, so limit who can reach port 514 (a host firewall rule, or rsyslog's `$AllowedSender UDP, 192.168.2.0/24` directive with your own lab prefix).
[code]
#### MODULES ####
# The imjournal module below is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imklog # reads kernel messages (the same are read from journald)
$ModLoad immark # provides --MARK-- message capability
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
[/code]
The next step is to set up the remote logging location and file format. To avoid cluttering /var/log, I made a new directory.
[code]
mkdir -p /var/log/lab
[/code]
Add these lines to the bottom of /etc/rsyslog.conf (the file rsyslogd reads; /etc/syslog.conf belongs to the old syslogd). The template names one file per sending address. `*.*` selects every facility and priority, local messages included, so the server's own log lines also land in /var/log/lab/ (under 127.0.0.1) unless you filter on the sender address or bind the UDP input to its own ruleset. The leading `-` is the legacy flag that disables a sync after every write.
[code]
$template DynaFile,"/var/log/lab/remote-%fromhost-ip%.log"
*.* -?DynaFile
[/code]
Now set up one of the lab routers for logging.
[code]
logging origin-id string CSR1
logging source-interface GigabitEthernet1
logging host 192.168.2.101
int lo0
ip address 192.168.3.10 255.255.255.0
logging event link-status
[/code]
Shut and no shut the loopback a couple of times to generate some log messages, then check the per-host file on the server.
[code]
cat /var/log/lab/remote-192.168.2.1.log
Jul 11 09:02:26 192.168.2.1 161: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
Jul 11 09:02:26 192.168.2.1 162: CSR1: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
[/code]
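Once remote files are accumulating, the next thing a practitioner wants is to read them programmatically rather than with cat. The following Python is an added example (not code from the post): it parses the line layout the DynaFile template above produces, followed by the Cisco IOS message body (sequence number, origin-id, %FACILITY-SEVERITY-MNEMONIC), and runs three checks over a file: lines that are not IOS syslog at all, gaps in the per-router sequence number (dropped UDP datagrams, a reload, or something else sending with the same origin-id), warning-or-worse messages, and interfaces with repeated UPDOWN transitions. The sample lines are constructed around the two in the listing above; the optional IOS timestamp handling, the severity cut-off and the flap threshold are assumptions.

```python
import re
from collections import defaultdict

# Line layout written by the DynaFile template above, followed by the Cisco IOS
# message body when "logging origin-id string CSR1" is configured:
#   "<Mon> <day> <hh:mm:ss> <fromhost-ip> <seq>: <origin-id>: [<ios timestamp>: ]%FAC-SEV-MNEMONIC: text"
# The optional IOS timestamp group is an assumption for routers that also run
# "service timestamps log datetime"; the lines in the post have none.
LINE_RE = re.compile(
    r"^(?P<month>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<seq>\d+): (?P<origin>[^:]+): "
    r"(?:(?P<ios_ts>[^%]*?): )?"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$"
)
# Interface name as it appears in LINK/LINEPROTO messages: "Interface Loopback0, changed ..."
IFACE_RE = re.compile(r"Interface (\S+?),")


def parse_line(line):
    """Split one line into its fields; return None for lines that are not IOS syslog."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    rec = m.groupdict()
    rec["seq"] = int(rec["seq"])
    rec["severity"] = int(rec["severity"])  # 0 = emergencies ... 7 = debugging
    iface = IFACE_RE.search(rec["text"])
    rec["interface"] = iface.group(1) if iface else None
    return rec


def analyze(lines, max_severity=4, flap_threshold=2):
    """Walk the lines once and return a summary dict with:
    parsed / unparsed - count and the lines the regex rejected (worth eyeballing:
                        anything a router did not send should not be in this file)
    seq_gaps          - per origin-id, jumps in the IOS sequence number: dropped UDP
                        datagrams, a reload, or a second sender using the same origin-id
    high_severity     - records at or below max_severity (warnings and worse by default)
    flapping          - (origin, interface) pairs with >= flap_threshold UPDOWN messages
    """
    summary = {"parsed": 0, "unparsed": [], "seq_gaps": [], "high_severity": [], "flapping": {}}
    last_seq = {}
    updown = defaultdict(int)
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            summary["unparsed"].append(line.rstrip("\n"))
            continue
        summary["parsed"] += 1
        origin = rec["origin"]
        prev = last_seq.get(origin)
        if prev is not None and rec["seq"] != prev + 1:
            summary["seq_gaps"].append((origin, prev, rec["seq"]))
        last_seq[origin] = rec["seq"]
        if rec["severity"] <= max_severity:
            summary["high_severity"].append(rec)
        if rec["mnemonic"] == "UPDOWN" and rec["interface"]:
            updown[(origin, rec["interface"])] += 1
    summary["flapping"] = {k: n for k, n in updown.items() if n >= flap_threshold}
    return summary


def analyze_file(path, **kwargs):
    """Convenience wrapper for a DynaFile output such as /var/log/lab/remote-192.168.2.1.log."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return analyze(fh, **kwargs)


# Constructed sample: the two lines from the post plus a few more of the same shape
# (the link coming back up, a config change, a sequence gap 164 -> 170, and a junk line).
SAMPLE = """\
Jul 11 09:02:26 192.168.2.1 161: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
Jul 11 09:02:26 192.168.2.1 162: CSR1: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
Jul 11 09:02:40 192.168.2.1 163: CSR1: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
Jul 11 09:02:40 192.168.2.1 164: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
Jul 11 09:05:01 192.168.2.1 170: CSR1: %SYS-5-CONFIG_I: Configured from console by cisco on vty0 (192.168.2.50)
Jul 11 09:05:02 192.168.2.1 this is not an IOS syslog message
"""

if __name__ == "__main__":
    s = analyze(SAMPLE.splitlines())
    print(f"parsed={s['parsed']} unparsed={len(s['unparsed'])}")
    for origin, prev, cur in s["seq_gaps"]:
        print(f"sequence gap from {origin}: {prev} -> {cur}")
    for rec in s["high_severity"]:
        print(f"sev {rec['severity']} {rec['origin']} %{rec['facility']}-{rec['severity']}-{rec['mnemonic']}: {rec['text']}")
    for (origin, iface), n in s["flapping"].items():
        print(f"{origin} {iface}: {n} UPDOWN transitions")
```

Point `analyze_file()` at one of the remote-*.log files to run it against real output. The sequence-number check is the one worth keeping: because the transport is unauthenticated UDP, a file that suddenly shows a second stream of sequence numbers under the same origin-id is the cheapest signal that something other than the router is writing to it.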
Configure FTP
First, add a user whose home directory will hold the configuration files copied from the routers. To keep things simple and consistent I added the user cisco with the password CCIE. Obviously this is a lab-only environment; I would never do this in production.
[code]
useradd cisco
passwd cisco
[/code]
For this portion of the post I am just following one of the many howtos on the internet. Once again, I have been burned by not documenting my steps for a process, so I will document them below.
Install proftpd.
[code]
yum -y install proftpd
[/code]
Make a backup of the configuration file.
[code]
cp /etc/proftpd.conf /etc/proftpd.conf.0
[/code]
Make sure users are chrooted to their home directories: confirm that this DefaultRoot line is present and uncommented in /etc/proftpd.conf. Without it, any user who can log in over FTP can browse the whole filesystem as far as file permissions allow.
[code]
# Cause every FTP user except adm to be chrooted into their home directory
DefaultRoot ~ !adm
[/code]
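A quick way to check what that directive actually does for a given account, as an added example (not code from the post or from ProFTPD): the function below reads the active DefaultRoot lines out of a proftpd.conf text, evaluates the group expression (`DefaultRoot <path> [group-expression]`, a comma-separated list of group names where `!` negates a name and all terms are ANDed) against a user's groups, and reports the chroot path or None when the user is unconfined. It assumes directives are evaluated in file order with the first match winning and ignores `<VirtualHost>`/`<Anonymous>` sections, i.e. it models a flat configuration like the one on this page. The config fragments and the accounts it is run against are constructed.

```python
# Evaluate which DefaultRoot directive (if any) confines a given FTP user.
# Assumptions (not from the post or the ProFTPD source): directives apply in file
# order and the first whose group expression matches wins; section contexts such as
# <VirtualHost> and <Anonymous> are ignored, i.e. a flat proftpd.conf.


def default_root_rules(conf_text):
    """Return (path, [terms]) for every active DefaultRoot line, in file order."""
    rules = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # blank or commented out
            continue
        parts = line.split()
        if parts[0].lower() == "defaultroot" and len(parts) >= 2:
            terms = parts[2].split(",") if len(parts) > 2 else []
            rules.append((parts[1], terms))
    return rules


def expression_matches(terms, groups):
    """True when the group expression applies to a user who belongs to `groups`."""
    for term in terms:
        if term.startswith("!"):
            if term[1:] in groups:             # "!adm": members of adm are excluded
                return False
        elif term not in groups:               # "ftpusers": must be a member
            return False
    return True                                # empty expression matches everyone


def chroot_for(conf_text, groups):
    """Path the user is chrooted to ("~" = home directory), or None if unconfined."""
    for path, terms in default_root_rules(conf_text):
        if expression_matches(terms, set(groups)):
            return path
    return None


def audit(conf_text, users):
    """users: {name: [groups]} -> {name: chroot path or None}; a None is a finding."""
    return {name: chroot_for(conf_text, groups) for name, groups in users.items()}


# Constructed fragments: the line from the post, and a weak variant with it commented out.
HARDENED = """
ServerName "Lab FTP"
# Cause every FTP user except adm to be chrooted into their home directory
DefaultRoot ~ !adm
"""

WEAK = """
ServerName "Lab FTP"
#DefaultRoot ~ !adm
"""

# Constructed accounts: the cisco user created above plus an admin who is in group adm.
LAB_USERS = {"cisco": ["cisco"], "ops": ["ops", "adm"]}

if __name__ == "__main__":
    for label, conf in (("hardened", HARDENED), ("weak", WEAK)):
        for user, root in audit(conf, LAB_USERS).items():
            print(f"{label}: {user} -> {root if root else 'NOT chrooted'}")
```

Run it against the real file with `audit(open("/etc/proftpd.conf").read(), {...})` and the groups from `id -Gn <user>`; the cisco account should come back as `~`, and anybody reported as None deserves a look at why they are in group adm.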
Start up the proftpd server.
[code]
systemctl enable proftpd
systemctl start proftpd
[/code]
Testing from within the lab, here is an FTP copy from CSR1 to TLTS1 (the lab server). Keep in mind that FTP sends the username and password in cleartext, and embedding them in the copy URL also records them wherever the command line is logged, for example in TACACS+ command accounting if that is enabled.
[code]
copy flash:def ftp://cisco:CCIE@192.168.2.101/
Address or name of remote host [192.168.2.101]?
Destination filename [def]?
Writing def !
973 bytes copied in 0.180 secs (5406 bytes/sec)
[/code]
And confirm the file is on the FTP server.
[code]
ls /home/cisco/
def
[/code]
Sources:
http://www.proftpd.org