More Services for the Lab Server

After setting up TACACS+ and FreeRADIUS I decided to go ahead and add more services to my main test lab server. I am using CentOS in the lab, and decided to add a syslog server and an FTP server to the mix.

This is a very simple process as we use Rsyslogd as our production syslog server. First we need to uncomment some lines in the file /etc/rsyslog.conf. The most important lines are the ones at the bottom of the code listing, they tell Rsyslogd to listen on UDP port 514.

#### MODULES ####

# The imjournal module bellow is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imklog # reads kernel messages (the same are read from journald)
$ModLoad immark  # provides --MARK-- message capability

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

The next step is to set up the remote logging location and file format. In order to no clutter the log directory, I made a new directory.

mkdir -p /var/log/lab

Add these lines to the bottom of the /etc/syslog.conf file.

$template DynaFile,"/var/log/lab/remote-%fromhost-ip%.log"
*.* -?DynaFile

Now set up one of the lab routers for logging.

logging origin-id string CSR1
logging source-interface GigabitEthernet1
logging host

int lo0
ip address
logging event link-status

Shut and no shut the port a couple of times in order to make some logging events.

cat /var/log/lab/remote-
Jul 11 09:02:26 161: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
Jul 11 09:02:26 162: CSR1: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down

Configure FTP
First add a user where the configuration files from the routers will be stored. Just to keep things simple and consistent I added the user cisco with the password CCIE. Obviously this is a lab only environment, I would never do this production.

useradd cisco
passwd cisco

For this portion of the post I am just using one of the many howto’s on the internet. Once again, I have been burned by not documenting my steps for a process so I will document them below.

Install proftpd.

yum -y install proftpd

Make a backup of the configuration file.

cp /etc/proftpd.conf /etc/proftpd.conf.0

Make sure that users are chroot’ed to their home directories.

# Cause every FTP user except adm to be chrooted into their home directory
DefaultRoot                     ~ !adm

Start up the proftpd server.

systemctl enable proftpd
systemctl start proftpd

Testing from within the lab, here is an FTP from CSR1 to TLTS1.

copy flash:def ftp://cisco:CCIE@
Address or name of remote host []?
Destination filename [def]?
Writing def !
973 bytes copied in 0.180 secs (5406 bytes/sec)

And confirm the file is on the FTP server.

ls /home/cisco/


This entry was posted in CCIE, Linux. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s