More Services for the Lab Server

After setting up TACACS+ and FreeRADIUS I decided to go ahead and add more services to my main test lab server. I am using CentOS in the lab, and decided to add a syslog server and an FTP server to the mix.

Rsyslogd
This is a very simple process, as we use Rsyslogd as our production syslog server. First we need to uncomment some lines in the file /etc/rsyslog.conf. The most important lines are the ones at the bottom of the code listing; they tell Rsyslogd to listen on UDP port 514.

#### MODULES ####

# The imjournal module below is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
$ModLoad imklog # reads kernel messages (the same are read from journald)
$ModLoad immark  # provides --MARK-- message capability

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

The next step is to set up the remote logging location and file format. In order to not clutter the log directory, I made a new directory.

mkdir -p /var/log/lab

Add these lines to the bottom of the /etc/rsyslog.conf file.

$template DynaFile,"/var/log/lab/remote-%fromhost-ip%.log"
*.* -?DynaFile

Now set up one of the lab routers for logging.

logging origin-id string CSR1
logging source-interface GigabitEthernet1
logging host 192.168.2.101

int lo0
ip address 192.168.3.10 255.255.255.0
logging event link-status

Shut and no shut the port a couple of times in order to make some logging events.

cat /var/log/lab/remote-192.168.2.1.log
Jul 11 09:02:26 192.168.2.1 161: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down
Jul 11 09:02:26 192.168.2.1 162: CSR1: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
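
UDP syslog is neither reliable nor authenticated, and the DynaFile template names each file after the sender's IP address, so it is worth checking what lands in these files. The following is an added example, not part of the original post: it parses the line layout shown above and reports counter gaps, unexpected origin-ids and lines that do not parse. It assumes the number before the first colon is the router's per-message counter and increases by one per message; the function names and all sample lines after the first two are constructed for illustration.

```python
import re

# Layout of the lines rsyslog wrote on this page:
# "<Mmm dd hh:mm:ss> <sender> <counter>: <origin-id>: %<FAC>-<SEV>-<MNEMONIC>: <text>"
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<sender>\S+) "
    r"(?P<counter>\d+): (?P<origin>[^:\s]+): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<text>.*)$"
)

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    rec = m.groupdict()
    rec["counter"] = int(rec["counter"])
    rec["severity"] = int(rec["severity"])
    return rec

def audit(lines, expected_origin):
    """Check one per-sender file: list counter gaps, wrong origin-ids, bad lines."""
    findings, last = [], None
    for n, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            findings.append((n, "unparsed"))
            continue
        if rec["origin"] != expected_origin:
            findings.append((n, "origin " + rec["origin"]))
        # A gap means lost datagrams; a drop back to 1 can also be a router reload.
        if last is not None and rec["counter"] != last + 1:
            findings.append((n, "gap %d->%d" % (last, rec["counter"])))
        last = rec["counter"]
    return findings

# First two lines are from the page; the rest are constructed for the example.
SAMPLE = [
    "Jul 11 09:02:26 192.168.2.1 161: CSR1: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down",
    "Jul 11 09:02:26 192.168.2.1 162: CSR1: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down",
    "Jul 11 09:03:10 192.168.2.1 165: CSR1: %LINK-3-UPDOWN: Interface Loopback0, changed state to up",
    "Jul 11 09:03:30 192.168.2.1 1: LAB9: %SYS-5-CONFIG_I: Configured from console by console",
    "Jul 11 09:03:31 192.168.2.1 not a router message",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, "CSR1"):
        print(finding)
```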

Configure FTP
First add a user where the configuration files from the routers will be stored. Just to keep things simple and consistent I added the user cisco with the password CCIE. Obviously this is a lab-only environment; I would never do this in production.

useradd cisco
passwd cisco

For this portion of the post I am just using one of the many howto’s on the internet. Once again, I have been burned by not documenting my steps for a process so I will document them below.

Install proftpd.

yum -y install proftpd

Make a backup of the configuration file.

cp /etc/proftpd.conf /etc/proftpd.conf.0

Make sure that users are chroot’ed to their home directories.

# Cause every FTP user except adm to be chrooted into their home directory
DefaultRoot                     ~ !adm

Start up the proftpd server.

systemctl enable proftpd
systemctl start proftpd

Testing from within the lab, here is an FTP from CSR1 to TLTS1.

copy flash:def ftp://cisco:CCIE@192.168.2.101/
Address or name of remote host [192.168.2.101]?
Destination filename [def]?
Writing def !
973 bytes copied in 0.180 secs (5406 bytes/sec)

And confirm the file is on the FTP server.

ls /home/cisco/
def

Sources:
http://www.proftpd.org
