Upgrade ESXi 6.0 to 6.5

METHOD1 via CLI Offline
SOURCE:
-download VMware-ESXi-6.5.0-4564106-depot.zip from https://my.vmware.com/group/vmware/get-download?downloadGroup=ESXI650
-enable ssh on ESXi
-scp VMware-ESXi-6.5.0-4564106-depot.zip into ESXi /tmp
-Shutdown all VMs running on your ESXi host machine, put your host into maintenance mode and then connect to your ESXi server via SSH
# cd /tmp
# esxcli software profile update -p ESXi-6.5.0-4564106-standard -d /tmp/VMware-ESXi-6.5.0-4564106-depot.zip

# reboot

METHOD2 via CLI Online
SOURCE:
https://www.vladan.fr/how-to-upgrade-esxi-6-0-to-6-5-via-cli-on-line/
-enable ssh on ESXi
-Shutdown all VMs running on your ESXi host machine, put your host into maintenance mode and then connect to your ESXi server via SSH
# cd /tmp
# esxcli network firewall ruleset set -e true -r httpClient
# esxcli software sources profile list -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-6.5
# esxcli software profile update -p ESXi-6.5.0-4564106-no-tools -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
# reboot

METHOD3 via ISO
SOURCE:
https://www.vladan.fr/how-to-upgrade-esxi-6-0-to-6-5-via-iso/
-download ESXi iso from https://my.vmware.com/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_vsphere/6_5
-burn iso into cd
-set BIOS to boot from CD
-reboot ESXi
-on boot select “Upgrade ESXi, preserve VMFS datastore”

METHOD4 via USB media
SOURCE:
https://www.vladan.fr/how-to-create-a-usb-media-with-esxi-6-5-installation/
-download ESXi iso from https://my.vmware.com/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_vsphere/6_5

-download and install YUMI Installer
YUMI
ALTERNATIVE1: Rufus
ALTERNATIVE2: UNetbootin


-run YUMI and burn iso into pen drive
-set BIOS to boot from USB
-reboot ESXi
-on boot select “Upgrade ESXi, preserve VMFS datastore”

METHOD5 via Update Manager
SOURCE:
https://www.vladan.fr/how-to-upgrade-a-esxi-6-0-to-esxi-6-5-via-vmware-update-manager/

 

-update ESXi to latest patches
METHOD1: CLI Offline
download ESXi latest patches from
https://my.vmware.com/web/vmware/details?downloadGroup=ESXI650D&productId=646&rPId=15839
scp ESXi650-201704001.zip into ESXi /vmfs/volumes//
# esxcli software vib update -d /vmfs/volumes//ESXi650-201704001.zip

METHOD2: CLI Online
# esxcli network firewall ruleset set -e true -r httpClient
# esxcli software profile install -p ESXi-6.5.0-20170404001-standard -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
-enable nested hypervisor
# echo “vhv.enable = “TRUE”” >> /etc/vmware/config

-enable copy/paste between guest vm
# vi /etc/vmware/config
add these
vmx.fullpath = “/bin/vmx”
isolation.tools.copy.disable=”FALSE”
isolation.tools.paste.disable=”FALSE”

-install VMware Host Client
go to https://labs.vmware.com/flings/esxi-embedded-host-client#instructions
download and scp into /tmp
esxui-signed-5214684.vib
# esxcli software vib install -v /tmp/esxui-signed-5214684.vib

Install VMware Remote Console
go to https://labs.vmware.com/flings/esxi-embedded-host-client#instructions
download and scp into /tmp
VMware-Remote-Console-9.0.0-Linux.vib
VMware-Remote-Console-9.0.0-MacOS.vib
VMware-Remote-Console-9.0.0-Windows.vib

# esxcli software vib update -v /tmp/VMware-Remote-Console-9.0.0-Linux.vib
# esxcli software vib install -v /tmp/VMware-Remote-Console-9.0.0-MacOS.vib

# esxcli software vib update -v /tmp/VMware-Remote-Console-9.0.0-Windows.vib

VMware Remote Console 9.0 for Linux
VMware Remote Console 9.0 for Mac

VMware Remote Console 9.0 for Windows

Now you can access ESXi using browser at https://esxserverip/ui

Merge splitted disk into a single disk

SOURCE: https://vmexpo.wordpress.com/2014/04/15/how-to-merge-multiple-vmdks-into-single-vmdk/comment-page-1/

Sometime you got OVA with multiple splitted disk. But I still prefer one big disk because easier to backup.

Here how to do that with VMware Workstation

-cd to your target vm disk location
c:\>cd C:\Users\user1\Documents\Virtual Machines\OWASP
>dir
07-Apr-17  11:28 AM    <DIR>          .
07-Apr-17  11:28 AM    <DIR>          ..
03-Aug-15  10:58 AM     1,774,780,416 OWASP Broken Web Apps-cl1-s001.vmdk
03-Aug-15  10:58 AM     1,603,600,384 OWASP Broken Web Apps-cl1-s002.vmdk
03-Aug-15  10:58 AM     1,806,696,448 OWASP Broken Web Apps-cl1-s003.vmdk
03-Aug-15  10:58 AM     1,135,149,056 OWASP Broken Web Apps-cl1-s004.vmdk
03-Aug-15  10:58 AM            65,536 OWASP Broken Web Apps-cl1-s005.vmdk
03-Aug-15  08:47 AM               780 OWASP Broken Web Apps-cl1.vmdk
03-Aug-15  10:54 AM             8,684 OWASP Broken Web Apps.nvram
31-Jul-15  10:25 AM                79 OWASP Broken Web Apps.vmsd
03-Aug-15  10:54 AM             1,582 OWASP Broken Web Apps.vmx
06-May-15  09:30 AM               276 OWASP Broken Web Apps.vmxf
03-Aug-15  10:44 AM             8,306 owaspbwa-release-notes.txt
              11 File(s)  6,320,311,547 bytes
               2 Dir(s)  385,078,714,368 bytes free

>”C:\Program Files (x86)\VMware\VMware Workstation\vmware-vdiskmanager.exe” -r “OWASP Broken Web Apps-cl1.vmdk” -t 0 OWASP.vmdk
Creating disk ‘OWASP.vmdk’

Increasing allocated RAM for UNL in VMware Fusion

SOURCE:
  1. import unl ova and keep it off
  2. change hardware compatibility to 12
    – In the Apple menu bar, select Virtual Machine > Settings.
    – Select Compatibility
    – Select the hardware version to 12
  3. change “memsize” in unl vmx
    – right click unl vm and select ” Show Package Contents”
    – search for the ‘VMX’ file, right click and select open with ‘Text Edit’
    – change the memsize there and save
    – power on unl vm. If it complain about unsupported main memory size then just click OK

ESXi 6.0 Unetlab to Cisco Catalyst trunk

I have problem with Unetlab inside ESXi with 2 trunk port.
Once 1 of the trunk cable disconnected, the issue fixed
The problems are:
-node (in the exmple below is Mikrotik) can’t ping gateway but unetlab vm can
-after ESXi restarted, I can’t ping ESXi anymore
The solution are
Image.png
Image.png
Cisco:
# sh run
port-channel load-balance src-dst-ip
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 flowcontrol receive desired
interface FastEthernet2/0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 100
 duplex full
 flowcontrol receive desired
 channel-group 1 mode on
 spanning-tree portfast trunk
 spanning-tree bpdufilter enable
!
interface FastEthernet2/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 100
 duplex full
 flowcontrol receive desired
 channel-group 1 mode on
 spanning-tree portfast trunk
 spanning-tree bpdufilter enable
ESXi
Image.png
Image.png
Image.png
Image.png
Image.png
Image.png

Inject Driver into ESXi ISO

If you encounter can’t continue installing ESXi because lack of driver then follow these steps.
Example below is using HPE ESXi iso but you can use any ESXi iso

Download
-required driver from https://vibsdepot.v-front.de/wiki/index.php/List_of_currently_available_ESXi_packages
put all above into c:\download
click 2x ESXi-Customizer-v2.7.2.exe and extract into c:\download
click 2x c:\download\ESXi-Customizer-v2.7.2\ESXi-Customizer.cmd
Image.png
You can now burn iso into cd or into usb using https://rufus.akeo.ie/

Installing ESXi 6.0 Update 2

Download ESXi 6.0 update2 from
#vmware -v
VMware ESXi 6.0.0 build-2615704

#esxcli software vib install -n esx-base -n vsan -n vsanhealth -d /v mfs/volumes/datastore2/update-from-esxi6.0-6.0_update02.zip

Installation Result
   Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.
   Reboot Required: true
   VIBs Installed: VMware_bootbank_esx-base_6.0.0-2.34.3620759, VMware_bootbank_vsan_6.0.0-2.34.3563498, VMware_bootbank_vsanhealth_6.0.0-3000000.3.0.2.34.3544323
   VIBs Removed: VMware_bootbank_esx-base_6.0.0-0.5.2615704
   VIBs Skipped:

#esxcli software vib update -d /vmfs/volumes/datastore2/update-from- esxi6.0-6.0_update02.zip

Installation Result
   Message: The update completed successfully, but the system needs to be rebooted for the changes to be effective.
   Reboot Required: true
   VIBs Installed: VMware_bootbank_ehci-ehci-hcd_1.0-3vmw.600.2.34.3620759, VMware_bootbank_esx-tboot_6.0.0-2.34.3620759, VMware_bootbank_lsi-mr3_6.605.08.00-7vmw.600.1.17.3029758, VMware_bootbank_lsi-msgpt3_06.255.12.00-8vmw.600.1.17.3029758, VMware_bootbank_lsu-lsi-lsi-mr3-plugin_1.0.0-2vmw.600.0.11.2809209, VMware_bootbank_lsu-lsi-megaraid-sas-plugin_1.0.0-2vmw.600.0.11.2809209, VMware_bootbank_lsu-lsi-mpt2sas-plugin_1.0.0-4vmw.600.1.17.3029758, VMware_bootbank_misc-drivers_6.0.0-2.34.3620759, VMware_bootbank_net-e1000e_3.2.2.1-1vmw.600.1.26.3380124, VMware_bootbank_net-tg3_3.131d.v60.4-2vmw.600.1.26.3380124, VMware_bootbank_net-vmxnet3_1.1.3.0-3vmw.600.2.34.3620759, VMware_bootbank_nvme_1.0e.0.35-1vmw.600.2.34.3620759, VMware_bootbank_sata-ahci_3.0-22vmw.600.2.34.3620759, VMware_bootbank_scsi-bnx2i_2.78.76.v60.8-1vmw.600.0.11.2809209, VMware_bootbank_xhci-xhci_1.0-3vmw.600.2.34.3620759, VMware_locker_tools-light_6.0.0-2.34.3620759
   VIBs Removed: VMware_bootbank_ehci-ehci-hcd_1.0-3vmw.600.0.0.2494585, VMware_bootbank_esx-tboot_6.0.0-0.0.2494585, VMware_bootbank_lsi-mr3_6.605.08.00-6vmw.600.0.0.2494585, VMware_bootbank_lsi-msgpt3_06.255.12.00-7vmw.600.0.0.2494585, VMware_bootbank_lsu-lsi-lsi-mr3-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_lsu-lsi-megaraid-sas-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_lsu-lsi-mpt2sas-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_misc-drivers_6.0.0-0.0.2494585, VMware_bootbank_net-e1000e_2.5.4-6vmw.600.0.0.2494585, VMware_bootbank_net-tg3_3.131d.v60.4-1vmw.600.0.0.2494585, VMware_bootbank_net-vmxnet3_1.1.3.0-3vmw.600.0.0.2494585, VMware_bootbank_nvme_1.0e.0.35-1vmw.600.0.0.2494585, VMware_bootbank_sata-ahci_3.0-21vmw.600.0.0.2494585, VMware_bootbank_scsi-bnx2i_2.78.76.v60.8-1vmw.600.0.0.2494585, VMware_bootbank_xhci-xhci_1.0-2vmw.600.0.0.2494585, VMware_locker_tools-light_6.0.0-0.0.2494585
   VIBs Skipped: VMWARE_bootbank_mtip32xx-native_3.8.5-1vmw.600.0.0.2494585, VMware_bootbank_ata-pata-amd_0.3.10-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-atiixp_0.4.6-4vmw.600.0.0.2494585, VMware_bootbank_ata-pata-cmd64x_0.2.5-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-hpt3x2n_0.3.4-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-pdc2027x_1.0-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-serverworks_0.4.3-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-sil680_0.4.8-3vmw.600.0.0.2494585, VMware_bootbank_ata-pata-via_0.3.3-2vmw.600.0.0.2494585, VMware_bootbank_block-cciss_3.6.14-10vmw.600.0.0.2494585, VMware_bootbank_cpu-microcode_6.0.0-0.0.2494585, VMware_bootbank_elxnet_10.2.309.6v-1vmw.600.0.0.2494585, VMware_bootbank_emulex-esx-elxnetcli_10.2.309.6v-0.0.2494585, VMware_bootbank_esx-base_6.0.0-2.34.3620759, VMware_bootbank_esx-dvfilter-generic-fastpath_6.0.0-0.0.2494585, VMware_bootbank_esx-ui_1.0.0-3617585, VMware_bootbank_esx-xserver_6.0.0-0.0.2494585, VMware_bootbank_ima-qla4xxx_2.02.18-1vmw.600.0.0.2494585, VMware_bootbank_ipmi-ipmi-devintf_39.1-4vmw.600.0.0.2494585, VMware_bootbank_ipmi-ipmi-msghandler_39.1-4vmw.600.0.0.2494585, VMware_bootbank_ipmi-ipmi-si-drv_39.1-4vmw.600.0.0.2494585, VMware_bootbank_lpfc_10.2.309.8-2vmw.600.0.0.2494585, VMware_bootbank_lsu-hp-hpsa-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_lsu-lsi-lsi-msgpt3-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_lsu-lsi-mptsas-plugin_1.0.0-1vmw.600.0.0.2494585, VMware_bootbank_misc-cnic-register_1.78.75.v60.7-1vmw.600.0.0.2494585, VMware_bootbank_net-bnx2_2.2.4f.v60.10-1vmw.600.0.0.2494585, VMware_bootbank_net-bnx2x_1.78.80.v60.12-1vmw.600.0.0.2494585, VMware_bootbank_net-cnic_1.78.76.v60.13-2vmw.600.0.0.2494585, VMware_bootbank_net-e1000_8.0.3.1-5vmw.600.0.0.2494585, VMware_bootbank_net-enic_2.1.2.38-2vmw.600.0.0.2494585, VMware_bootbank_net-forcedeth_0.61-2vmw.600.0.0.2494585, VMware_bootbank_net-igb_5.0.5.1.1-5vmw.600.0.0.2494585, VMware_bootbank_net-ixgbe_3.7.13.7.14iov-20vmw.600.0.0.2494585, VMware_bootbank_net-mlx4-core_1.9.7.0-1vmw.600.0.0.2494585, VMware_bootbank_net-mlx4-en_1.9.7.0-1vmw.600.0.0.2494585, VMware_bootbank_net-nx-nic_5.0.621-5vmw.600.0.0.2494585, VMware_bootbank_nmlx4-core_3.0.0.0-1vmw.600.0.0.2494585, VMware_bootbank_nmlx4-en_3.0.0.0-1vmw.600.0.0.2494585, VMware_bootbank_nmlx4-rdma_3.0.0.0-1vmw.600.0.0.2494585, VMware_bootbank_ohci-usb-ohci_1.0-3vmw.600.0.0.2494585, VMware_bootbank_qlnativefc_2.0.12.0-5vmw.600.0.0.2494585, VMware_bootbank_rste_2.0.2.0088-4vmw.600.0.0.2494585, VMware_bootbank_sata-ata-piix_2.12-10vmw.600.0.0.2494585, VMware_bootbank_sata-sata-nv_3.5-4vmw.600.0.0.2494585, VMware_bootbank_sata-sata-promise_2.12-3vmw.600.0.0.2494585, VMware_bootbank_sata-sata-sil24_1.1-1vmw.600.0.0.2494585, VMware_bootbank_sata-sata-sil_2.3-4vmw.600.0.0.2494585, VMware_bootbank_sata-sata-svw_2.3-3vmw.600.0.0.2494585, VMware_bootbank_scsi-aacraid_1.1.5.1-9vmw.600.0.0.2494585, VMware_bootbank_scsi-adp94xx_1.0.8.12-6vmw.600.0.0.2494585, VMware_bootbank_scsi-aic79xx_3.1-5vmw.600.0.0.2494585, VMware_bootbank_scsi-bnx2fc_1.78.78.v60.8-1vmw.600.0.0.2494585, VMware_bootbank_scsi-fnic_1.5.0.45-3vmw.600.0.0.2494585, VMware_bootbank_scsi-hpsa_6.0.0.44-4vmw.600.0.0.2494585, VMware_bootbank_scsi-ips_7.12.05-4vmw.600.0.0.2494585, VMware_bootbank_scsi-megaraid-mbox_2.20.5.1-6vmw.600.0.0.2494585, VMware_bootbank_scsi-megaraid-sas_6.603.55.00-2vmw.600.0.0.2494585, VMware_bootbank_scsi-megaraid2_2.00.4-9vmw.600.0.0.2494585, VMware_bootbank_scsi-mpt2sas_19.00.00.00-1vmw.600.0.0.2494585, VMware_bootbank_scsi-mptsas_4.23.01.00-9vmw.600.0.0.2494585, VMware_bootbank_scsi-mptspi_4.23.01.00-9vmw.600.0.0.2494585, VMware_bootbank_scsi-qla4xxx_5.01.03.2-7vmw.600.0.0.2494585, VMware_bootbank_uhci-usb-uhci_1.0-3vmw.600.0.0.2494585, VMware_bootbank_vsan_6.0.0-2.34.3563498, VMware_bootbank_vsanhealth_6.0.0-3000000.3.0.2.34.3544323

#reboot

#vmware -v
VMware ESXi 6.0.0 build-3620759

Shutdown CUCM together with ESXi

SOURCE:
-import APC PCNS 4.1 ova into your ESX
NOTE:
-I use APC PCNS for Linux only. I didn’t use its PCNS because I don’t have APC UPS with NMC.
If I have NMC, I’ll use PCNS instead of apcupsd or still using apcupsd with pcnet settings
If someone want to donate me APC NMC, I’ll glad to test for them

-login as root to pcns and install apcupsd

# yum -y install epel-release
# yum -y install apcupsd
# yum -y install putty

-for linux based apt-get use these commands
# apt-get install apcupsd
# apt-get putty-tools

# yum -y install openssh-clients

-test ssh using admin account

# ssh admin@<CUCM IP>
install pexpect using either these commands
# yum -y install pexpect.noarch
or
# apt-get install python-pexpect

# cat /root/shutcucm.py

import pexpect
import sys
server_ip = “<CUCM IP>”
server_user = “<platform user>”
server_pass = “<platform pass>”
child = pexpect.spawn(‘ssh %s@%s’ % (server_user, server_ip))
child.logfile = sys.stdout
child.timeout = 60
child.expect(‘password:’)
child.sendline(server_pass)
child.expect(‘admin:’)
child.sendline(‘utils system shutdown’)
child.expect(‘Enter (yes/no)?’)
child.sendline(‘yes’)
child.expect(‘ Appliance is being Powered – Off …’)
print ‘Shutdown command successfully sent.’

-connect usb cable from pc to esxi

# cat /etc/apcupsd/apccontrol

#!/bin/sh
prefix=/usr
exec_prefix=/usr
APCPID=/var/run/apcupsd.pid
APCUPSD=/usr/sbin/apcupsd
SHUTDOWN=/sbin/shutdown
SCRIPTSHELL=/bin/sh
SCRIPTDIR=/etc/apcupsd
WALL=wall
if [ -f ${SCRIPTDIR}/${1} -a -x ${SCRIPTDIR}/${1} ]
then
    ${SCRIPTDIR}/${1} ${2} ${3} ${4}
    # exit code 99 means he does not want us to do default action
    if [ $? = 99 ] ; then
        exit 0
    fi
fi
case “$1” in
    killpower)
        echo “Apccontrol doing: ${APCUPSD} –killpower on UPS ${2}” | ${WALL}
        sleep 10
        ${APCUPSD} –killpower
        echo “Apccontrol has done: ${APCUPSD} –killpower on UPS ${2}” | ${WALL}
    ;;
    commfailure)
        echo “Warning communications lost with UPS ${2}” | ${WALL}
    ;;
    commok)
        echo “Communications restored with UPS ${2}” | ${WALL}
    ;;
    powerout)
    ;;
    onbattery)
        echo “Power failure on UPS ${2}. Running on batteries.” | ${WALL}
    ;;
    offbattery)
        echo “Power has returned on UPS ${2}…” | ${WALL}
    ;;
    mainsback)
        if [ -f /etc/apcupsd/powerfail ] ; then
           printf “Continuing with shutdown.”  | ${WALL}
        fi
    ;;
    failing)
        echo “Battery power exhaused on UPS ${2}. Doing shutdown.” | ${WALL}
    ;;
    timeout)
        echo “Battery time limit exceeded on UPS ${2}. Doing shutdown.” | ${WALL}
    ;;
    loadlimit)
        echo “Remaining battery charge below limit on UPS ${2}. Doing shutdown.” | ${WALL}
    ;;
    runlimit)
        echo “Remaining battery runtime below limit on UPS ${2}. Doing shutdown.” | ${WALL}
    ;;
    doreboot)
        echo “UPS ${2} initiating Reboot Sequence” | ${WALL}
        ${SHUTDOWN} -r now “apcupsd UPS ${2} initiated reboot”
    ;;
    doshutdown)
        echo “UPS ${2} initiated Shutdown Sequence” | ${WALL}
        ${SHUTDOWN} -h now “apcupsd UPS ${2} initiated shutdown”
        python /root/shutcucm.py
        echo “****** Executing ESXi Shutdown Command ******” | ${WALL}
        plink -ssh -2 -pw password root@10.0.100.200 “/sbin/shutdown.sh && /sbin/poweroff”
    ;;
    annoyme)
        echo “Power problems with UPS ${2}. Please logoff.” | ${WALL}
    ;;
    emergency)
        echo “Emergency Shutdown. Possible battery failure on UPS ${2}.” | ${WALL}
    ;;
    changeme)
        echo “Emergency! Batteries have failed on UPS ${2}. Change them NOW” | ${WALL}
    ;;
    remotedown)
        echo “Remote Shutdown. Beginning Shutdown Sequence.” | ${WALL}
    ;;
    startselftest)
    ;;
    endselftest)
    ;;
    battdetach)
    ;;
    battattach)
    ;;
    *)  echo “Usage: ${0##*/} command”
        echo ”       warning: this script is intended to be launched by”
        echo ”       apcupsd and should never be launched by users.”
        exit 1
    ;;
esac

vWLC Installation with AP AIR-LAP1242AG

-configure vWLC vm serial over telnet
2 ways to access vWLC:
1. by pressing any key when vWLC booted
2. configure serial over telnet in ESXi
-make sure your ESXi license either Evaluation or Enterprise
otherwise Serial over network won’t work
go to ESXi/Configuration/Software/Security Profile/Firewall Properties
tick VM serial port connected to vSPC
tick VM serial port connected over network

Image
If you want to telnet, telnet to ESXi host ip address
>telnet 10.0.100.200 3001

INFO:
-ESXi 5.5u2 IP: 10.0.100.200
-vWLC Service IP: 10.0.100.76
vWLC Management IP: 10.0.20.76
-AD+DNS+DHCP IP: 10.0.20.2

-CISCO AP subnet: 10.0.30.0/24

CISCO 3750:
-create dhcp relay in vlan 30
interface Vlan30
ip address 10.0.30.1 255.255.255.0
ip helper-address 10.0.20.2

AD:
-set dns for these records and PTR
CISCO-CAPWAP-CONTROLLER 10.0.20.76
CISCO-LWAPP-CONTROLLER 10.0.20.76
OPTIONAL:
-set dhcp option 43 for ip 10.0.20.76
Binary: 00f1040a00144c

-How AP discover Controller
1. LWAPP discovery broadcast on local subnet
2. Over-the-Air provisioning (OTAP)
3. Local stored controller IP address from prior successful join process
4. DHCP option 43
5. DNS resolution of CISCO-LWAPP-CONTROLLER

ESXi:
Check which vWLC supporting your AP
In my case since I am using 1242 AP. I can’t use vWLC 8.1 and must use 8.0
Download and install AIR-CTVM-K9-8-0-120-0.ova
Power on
When “Press any key to use this terminal as the default terminal” prompt appear, press ENTER
Would you like to terminate autoinstall? [yes]:
System Name (31 characters max): wlc
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters):
Re-enter Administrative Password:
Service Interface IP Address Configuration (static)(DHCP): static
Service Interface IP Address: 10.0.100.76
Service Interface Netmask: 255.255.255.0
Management Interface IP Address: 10.0.20.76
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 10.0.20.1
Management Interface VLAN Identifier (0 = untagged):
Management Interface Port Num (1 to 1): 1
Management Interface DHCP Server IP Address: 10.0.20.2
Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: WLC
Network Name (SSID): WLC
Configure DHCP Bridging Mode [yes][No]:
Allow Static IP Addresses [YES][no]:
Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server
Enter Country Code list (enter ‘help’ for a list of countries)[US]:
Enable 802.11b Network [YES][no]:
Enable 802.11a Network [YES][no]:
Enable 802.11g Network [YES][no]:
Enable Auto-RF [YES][no]:
Configure a NTP server now? [YES][no]:
Enter the NTP server’s IP address: 10.0.20.2
Enter a polling interval between 3600 and 604800 secs: 3600
Would you like to configure IPv6 parameters[YES][no]: no

Configuration correct? If yes, system will save it and reset. [yes][NO]: yes

>show sysinfo

Manufacturer’s Name………………………… Cisco Systems Inc.
Product Name………………………………. Cisco Controller
Product Version……………………………. 8.0.120.0
RTOS Version………………………………. 8.0.120.0
Bootloader Version…………………………. 8.0.120.0
Emergency Image Version…………………….. 8.0.120.0
Build Type………………………………… DATA + WPS
System Name……………………………….. wlc
System Location…………………………….
System Contact……………………………..
System ObjectID……………………………. 1.3.6.1.4.1.9.1.1631
IP Address………………………………… 10.0.20.76
IPv6 Address………………………………. ::
System Up Time…………………………….. 0 days 0 hrs 3 mins 34 secs
System Timezone Location…………………….
System Stats Realtime Interval………………. 5
System Stats Normal Interval………………… 180
Configured Country…………………………. US  – United States
State of 802.11b Network……………………. Enabled
State of 802.11a Network……………………. Enabled
Number of WLANs……………………………. 1
Number of Active Clients……………………. 0
Burned-in MAC Address………………………. 00:0C:29:31:C8:E1
Maximum number of APs supported……………… 200
System Nas-Id……………………………… wlc
WLC MIC Certificate Types…………………… SHA1>show system interfaces
dtl0      Link encap:Ethernet  HWaddr 00:0C:29:31:C8:E1
inet addr:10.0.20.76  Bcast:10.0.20.255  Mask:255.255.255.0
dtl0:1    Link encap:Ethernet  HWaddr 00:0C:29:31:C8:E1
inet addr:1.1.1.1  Bcast:1.1.1.1  Mask:255.255.255.255
eth0      Link encap:Ethernet  HWaddr 00:0C:29:31:C8:D7
inet addr:10.0.100.76  Bcast:10.0.100.255  Mask:255.255.255.0
eth1      Link encap:Ethernet  HWaddr 00:0C:29:31:C8:E1
inet6 addr: fe80::20c:29ff:fe31:c8e1/64 Scope:Link
lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0>ping 10.0.0.1
Send count=3, Receive count=3 from 10.0.0.1
>show run-config
automatically convert unknown ap to flexconnect mode
>config ap autoconvert flexconnect
to reset to factory default, login using Recover-Config or
(Cisco Controller) > reset system
(Cisco Controller) > recover-config
to change management vlan id
>config wlan disable all
>config interface vlan management 0
to disabe http web gui and enable https web gui
>config network webmode disable
>config network secureweb enable
Now we can access web gui through service port 10.0.100.76 or management port 10.0.20.76
https://10.0.20.76
L: admin
P:Set Date and Time
-go to COMMAND
-click Set Date and Time
change date, time and time zoneAccept Self Signet Cert
-go to Security/AAA/AP Policies
-tick Accept Self Signed Certificate (SSC)

Enable management via wireless
-go to Management/Mgmt Via Wireless/
-tick Enable Controller Management to be accessible from Wireless Clients

Set log server
-go to Management/Logs/Config
set Syslog Server IP Address(Ipv4/Ipv6)

Set NTP Server
-go to Controller/NT/Server

Set user Interface
-go to Controller/Interfaces
create a new USER interface with VLAN 30

Configure LDAP Authentication
NOTE: This config is not secure because Security\LDAP\Secure Mode (TLS) is not enabled.
I don’t know yet how to configure it
ImageImage

Image

Image

Image

Enable DHCP proxy
If DHCP is different subnet than AP then enable DHCP Proxy
-go to Controller/Advances/DHCP
tick Enable DHCP ProxyEnable MAC Filtering if needed
Image
with Local or Radius MAC Filter

-go to Security/MAC Filering

Activate eval license
-go to MANAGEMENT/Software Activation/Licenses
-change Priority from Low to High
click Set Priority
accept EULA

Reboot vWLC
-go to COMMAND
-click Reboot

Eve-NG Installation on ESXi

ESXi:
-check your CPU support virtualization
http://ark.intel.com/Products/VirtualizationTechnology

-check your hardware support virtualization
# esxcfg-info |grep “HV Support”
|—-HV Support……………………………………..3
|—-World Command Line……………………………grep HV Support
0 – VT/AMD-V indicates that support is not available for this hardware.
1 – VT/AMD-V indicates that VT or AMD-V might be available but it is not supported for this hardware.
2 – VT/AMD-V indicates that VT or AMD-V is available but is currently not enabled in the BIOS.
3 – VT/AMD-V indicates that VT or AMD-V is enabled in the BIOS and can be used.

-Edit the VM settings and go to VM settings > Options > CPUID mask > Advanced > Level 1, add the following CPU mask level
ECX —- —- —- —- —- —- –H- —-
NOTE: do above only if all else failed

-Edit the VM settings and go to VM settings > Options > CPU/MMU
Virtualization . Select
“Use Intel VT-x/AMD-V for instruction set virtualization and Intel EPT/AMD RVI for MMU virtualization”
Image

-vm hardware version must be version 9 or above
# vim-cmd vmsvc/getallvms
# vim-cmd vmsvc/upgrade unetlab-vmid vmx-09

-modify /etc/vmware/config
add in the last line then  logout and relogin from web gui
vhv.enable = “TRUE”
or better
modify /vmfs/volume/datastore1/UnetLab/UnetLab.vmx
add to the last line
vhv.enable = “TRUE”

-should show “nestedHVSupported true”
# vim-cmd vmsvc/get.capability 8

-test in ubuntu
# egrep -c ‘(vmx|svm)’ /proc/cpuinfo
the output should be 8

-to reconfigure network
# rm -f /opt/ovf/.configured
# exit
and login back

-if sometime you can’t login Web GUI, try this
# /etc/init.d/apache2 restart

Download Unetlab from: http://www.eve-ng.net/index.php/downloads

-check current version
# dpkg -l eve-ng
ii  eve-ng         2.0.3-53     amd64        A new generation software for net
# apt autoremove (answer Y)
# apt-get update
# apt-get install eve-ng
# apt-get dist-upgrade (answer Y)
# reboot ( if previous version < V84 )
-check new version
# dpkg -l eve-ng
ii  eve-ng         2.0.3-60     amd64        A new generation software for net

-to check what version are you running and what version is the freshest one
# cat /etc/apt/sources.list.d/unetlab.list
deb http://www.unetlab.com/apt trusty rrlabs
# apt-cache policy unetlab
unetlab:
Installed: 0.9.0-96
Candidate: 0.9.0-96
Version table:
*** 0.9.0-96 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
100 /var/lib/dpkg/status
0.9.0-94 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-92 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-88 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-76 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-70 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-68 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages
0.9.0-54 0
500 http://www.unetlab.com/apt/ trusty/rrlabs amd64 Packages

-Below is the reference node in UNL: “/opt/unetlab/html/includes/init.php”
‘a10’ => ‘A10 vThunder’,
‘osx’ => ‘Apple OSX’,
‘clearpass’ => ‘Aruba ClearPass’,
‘aruba’ => ‘Aruba WiFi Controller’,
‘veos’ => ‘Arista vEOS’,
‘barracuda’ => ‘Barraccuda NGIPS’,
‘brocadevadx’ => ‘Brocade vADX’,
‘cpsg’ => ‘CheckPoint Security Gateway VE’,
//’docker’ => ‘Docker.io’,
‘acs’ => ‘Cisco ACS’,
‘ampcloud’ => ‘Cisco AMP Cloud’,
‘asa’ => ‘Cisco ASA’,
‘asav’ => ‘Cisco ASAv’,
‘cda’ => ‘Cisco Context Directory Agent’,
‘csr1000v’ => ‘Cisco CSR 1000V’,
‘csr1000vng’ => ‘Cisco CSR 1000V (Denali and Everest)’,
‘cips’ => ‘Cisco IPS’,
‘cucm’ => ‘Cisco CUCM’,
‘ise’ => ‘Cisco ISE’,
‘c1710’ => ‘Cisco IOS 1710 (Dynamips)’,
‘c3725’ => ‘Cisco IOS 3725 (Dynamips)’,
‘c7200’ => ‘Cisco IOS 7206VXR (Dynamips)’,
‘iol’ => ‘Cisco IOL’,
‘titanium’ => ‘Cisco NX-OSv (Titanium)’,
‘nxosv9k’ => ‘Cisco NX-OSv 9K’,
‘firepower’ => ‘Cisco FirePower’,
‘firepower6’ => ‘Cisco FirePower 6′,
//’ucspe’ => ‘Cisco UCS-PE’,
‘vios’ => ‘Cisco vIOS’,
‘viosl2’ => ‘Cisco vIOS L2’,
‘vnam’ => ‘Cisco vNAM’,
‘vwlc’ => ‘Cisco vWLC’,
‘vwaas’ => ‘Cisco vWAAS’,
‘prime’ => ‘Cisco Prime Infra’,
‘phoebe’ => ‘Cisco Email Security Appliance (ESA)’,
‘coeus’ => ‘Cisco Web Security Appliance (WSA)’,
‘xrv’ => ‘Cisco XRv’,
‘xrv9k’ => ‘Cisco XRv 9000’,
‘nsvpx’ => ‘Citrix Netscaler’,
‘sonicwall’ => ‘Dell SonicWall’,
‘cumulus’ => ‘Cumulus VX’,
‘extremexos’ => ‘ExtremeXOS’,
‘bigip’ => ‘F5 BIG-IP LTM VE’,
‘fortinet’ => ‘Fortinet FortiGate’,
‘huaweiusg6kv’ => ‘Huawei USG6000v’,
‘hpvsr’ => ‘HP VSR1000’,
‘jspace’ => ‘Junos Space’,
‘olive’ => ‘Juniper Olive’,
‘vmx’ => ‘Juniper vMX’,
‘vmxvcp’ => ‘Juniper vMX VCP’,
‘vmxvfp’ => ‘Juniper vMX VFP’,
‘vsrx’ => ‘Juniper vSRX’,
‘vsrxng’ => ‘Juniper vSRX NextGen’,
‘vqfxre’ => ‘Juniper vQFX RE’,
‘vqfxpfe’ => ‘Juniper vQFX PFE’,
‘junipervrr’ => ‘Juniper RR’,
‘linux’ => ‘Linux’,
‘mikrotik’ => ‘MikroTik RouterOS’,
‘timos’ => ‘Nokia 7750 VSR-I’,
‘timoscpm’ => ‘Nokia 7750 CPM’,
‘timosiom’ => ‘Nokia 7750 IOM’,
‘ostinato’ => ‘Ostinato’,
‘paloalto’ => ‘Palo Alto VM-100 Firewall’,
‘pfsense’ => ‘pfSense Firewall’,
‘alteon’ => ‘Radware AlteonVA’,
‘riverbed’ => ‘Riverbed’,
‘sterra’ => ‘S-Terra’,
‘vyos’ => ‘VyOS’,
‘esxi’ => ‘VMWare ESXi’,
‘vcenter’ => ‘VMWare vCenter’,
‘win’ => ‘Windows’,
‘winserver’ => ‘Windows Server’,
‘vpcs’ => ‘Virtual PC (VPCS)’

Qemu folder name EVE Vendor Qemu image .qcow2 name
a10- A10-vthunder hda
osx- Apple OSX
clearpass- Aruba ClearPass hda
aruba- Aruba WiFi Controller hda, hdb
veos Arista vEOS hda, cdrom.iso
barracuda- Barraccuda NGIPS hda
brocadevadx- Brocade vADX virtioa
cpsg- CheckPoint Security Gateway VE hda
docker- Docker.io
acs- Cisco ACS hda
ampcloud Cisco AMP Cloud
asa- Cisco ASA hda
asav- Cisco ASAv virtioa
cda- Cisco Context Directory Agent hda
csr1000v- Cisco CSR 1000v virtioa
csr1000vng- Cisco CSR 1000v (Denali and Everest) virtioa
cips- Cisco IPS hda, hdb
cucm- Cisco CUCM virtioa
ise- Cisco ISE hda
titanium- Cisco NX-OSv (Titanium) virtioa
nxosv9k- Cisco NX-OSv 9k hda
firepower- Cisco FirePower scsia
firepower6- Cisco FirePower 6 hda
ucspe Cisco UCS-PE
vios- Cisco vIOS virtioa
viosl2- Cisco vIOS L2 virtioa
vnam- Cisco vNAM hda
vwlc- Cisco vWLC megasasa
vwaas- Cisco vWAAS virtioa
prime- Cisco Prime Infra
phoebe- Cisco Email Security Appliance (ESA) hda
coeus- Cisco Web Security Appliance (WSA) virtioa
xrv- Cisco XRv hda
xrv9k- Cisco XRv 9000 virtioa
nsvpx- Citrix Netscaler virtioa
sonicwall- DELL Sonicwall hda
cumulus- Cumulus VX hda
extremexos- ExtremeOS hda
bigip- F5 BIG-IP LTM VE hda, hdb
fortinet- Fortinet FW virtioa
fortinet- Fortinet SGT virtioa
fortinet- Fortinet mail virtioa, virtiob
fortinet- Fortinet manager virtioa
huaweiusg6kv Huawei USG6000v
hpvsr- HP VSR1000 hda
jspace- Junos Space hda
olive- Juniper Olive hda
vmx- Juniper vMX hda
vmxvcp- Juniper vMXVCP hda, hdb, hdc
vmxvfp- Juniper vMXVFP hda
vsrx- Juniper vSRX virtioa
vsrxng- Juniper vSRX NextGen hda
vqfxre- Juniper vQFXRE hda
vqfxpfe- Juniper vQFXPFE hda
junipervrr Juniper RR
linux- Linux hda
mikrotik- MikroTik RouterOS hda
timos- Nokia 7750 VSR-I hda
timoscpm- Nokia 7750 CPM
timosiom- Nokia 7750 IOM
ostinato- Ostinato traffic generator hda
paloalto- Palo Alto VM-100 Firewall virtioa
pfsense- pfSense Firewall hda
alteon- Radware AlteonVA virtioa
riverbed- Riverbed virtioa, virtiob
sterra- S-terra VPN hda
vyos- VyOS virtioa
esxi- VMWare ESXi
vcenter- VMWare Vcenter
win- Windows hda
winserver- Windows Server hda
vpcs Virtual PC (VPCS)

-to install ios image
scp c1710-bk9no3r2sy-mz.124-23.bin, c3725-adventerprisek9-mz.124-15.T14.bin and c7200-adventerprisek9-mz.152-4.S6.bin to /opt/unetlab/addons/dynamips
# cd /opt/unetlab/addons/dynamips
# unzip c1710-bk9no3r2sy-mz.124-23.bin
# unzip c3725-adventerprisek9-mz.124-15.T14.bin
# unzip c7200-adventerprisek9-mz.152-4.S6.bin
# mv C1710-BK.BIN c1710-bk9no3r2sy-mz.124-23.image
# mv C3725-AD.BIN c3725-adventerprisek9-mz.124-15.T14.image
# mv C7200-AD.BIN c7200-adventerprisek9-mz.152-4.S6.image
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install asa
# mkdir -p /opt/unetlab/addons/qemu/asa-8.42
scp ASA-8.42.vmdk and ASA-8.42-0.vmdk into /opt/unetlab/addons/qemu/asa-8.42
# cd /opt/unetlab/addons/qemu/asa-8.42
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ASA-8.42.vmdk hda.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ASA-8.42-0.vmdk hdb.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
create two asa node with ram 1024mb
ASA1
# conf t
(config)# hostname asa1
(config)# int e0
(config-if)# ip add 10.0.0.101 255.255.255.0
(config-if)# nameif outside
(config-if)# no sh
ASA2
# conf t
(config)# hostname asa2
(config)# int e0
(config-if)# ip add 10.0.0.102 255.255.255.0
(config-if)# nameif outside
(config-if)# no sh
(config-if)# end
# ping 10.0.0.101# mkdir -p /opt/unetlab/addons/qemu/asa-9.15
scp hda.qcow2 and hdb.qcow2 into /opt/unetlab/addons/qemu/asa-9.15
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
NOTE:
Forum said only asa-9.15 can do Active/Active

-to install a10
# mkdir -p /opt/unetlab/addons/qemu/a10-4.0.1
# scp vThunder-4.0.1.ova into /opt/unetlab/addons/qemu/a10-4.0.1
# cd  /opt/unetlab/addons/qemu/a10-4.0.1
# tar xf vThunder-4.0.1.ova
# # /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 vThunder-4.0.1-disk1.vmdk hda.qcow2

# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

 -to install acs
download acs-5.7.0.15.iso
create acs vm in ESXi with 4GB RAM, 2x CPU core, 40GB thin disk, OS Other Linux 64bit
boot acs vm and attach acs-5.7.0.15.iso
Image
after install, reboot and remove detach acs.iso
login: setup
Enter hostname[]: acs
Enter IP address: 10.0.20.86
Enter IP netmask[]: 255.255.255.0
Enter IP default gateway[]: 10.0.20.1
Enter default DNS domain[]: poc.com
Enter primary nameserver[]: 8.8.8.8
Add seconday nameserver? Y/N [N}:
Enter NTP server[time.nist.gov]:
Add another NTP server? Y/N [N]:
Enter system timezone[UTC]: GMT
Enable SSH service? Y/N [N]: y
Enter username[admin]:
Enter password:
Enter password again:shutdown acs vm
ssh as root to unetlab
# mkdir -p /opt/unetlab/addons/qemu/acs-5.7.0.15
ssh as root into ESXi
# cd /vmfs/volume/datastore1/acs
# scp *vmdk root@10.0.20.71:/opt/unetlab/addons/qemu/acs-5.7.0.15
switch to unetlab
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 acs.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
-to install asav
# mkdir -p /opt/unetlab/addons/qemu/asav-932-200
scp asav932-200.qcow2 into /opt/unetlab/addons/qemu/asav-932-200
# cd /opt/unetlab/addons/qemu/asav-932-200
# cp -p asav932-200.qcow2 hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
create asav lab
Make sure console is vnc in unl file.
# cat /opt/unetlab/labs/LAB.unl

logout and relogin from web gui

-to install Aruba CX
# mkdir /opt/unetlab/addons/qemu/aruba-cx-10_02
scp ArubaOS-CX_10_02_0010_ova.zip into /tmp
# cd /tmp
# unzip ArubaOS-CX_10_02_0010_ova.zip
# tar xf ArubaOS-CX_10_02_0010.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 arubaoscx-disk-image-genericx86-p4-20190129201401.vmdk /opt/unetlab/addons/qemu/aruba-cx-10_02/hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Wipe before Start node
L: admin
P:

-to install Aruba MM
# mkdir /opt/unetlab/addons/qemu/aruba-mm-8.2.0.2
scp ArubaOS_MM_8.2.0.2_62929.ova into /tmp
# cd /tmp
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_MM_8.2.0.2_62929-disk1.vmdk /opt/unetlab/addons/qemu/aruba-mm-8.2.0.2 /hda.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_MM_8.2.0.2_62929-disk2.vmdk /opt/unetlab/addons/qemu/aruba-mm-8.2.0.2 /hdb.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
-set 6GB RAM and 3 CPU minimum. NICs must be 3 before turn on

-to install aruba vmc
# mkdir -p /opt/unetlab/addons/qemu/aruba-vmc-8.2.0.2
scp ArubaOS_VMC_8.2.0.2_62929.tar into /tmp
# tar xf ArubaOS_VMC_8.2.0.2_62929.tar
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_VMC_8.2.0.2_62929-disk1.vmdk /opt/unetlab/addons/qemu/aruba-vmc-8.2.0.2/hda.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_VMC_8.2.0.2_62929-disk2.vmdk /opt/unetlab/addons/qemu/aruba-vmc-8.2.0.2/hdb.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install bigip-12.0
download BIGIP-12.0.0.1.0.628.LTM.qcow2.zip from
https://downloads.f5.com/esd/serveDownload.jsp?path=/big-ip/big-ip_v12.x/12.0.0/english/virtual-edition_base-plus-hf1/&sw=BIG-IP&pro=big-ip_v12.x&ver=12.0.0&container=Virtual-Edition_Base-Plus-HF1&file=BIGIP-12.0.0.1.0.628.LTM.qcow2.zip
# mkdir -p /opt/unetlab/addons/qemu/bigip-12.0/
scp BIGIP-12.0.0.1.0.628.LTM.qcow2.zip into /opt/unetlab/addons/qemu/bigip-12.0/
# cd /opt/unetlab/addons/qemu/bigip-12.0/
# unzip BIGIP-12.0.0.1.0.628.LTM.qcow2.zip
# rm BIGIP-12.0.0.1.0.628.LTM.qcow2.zip
# mv BIGIP-12.0.0.1.0.628.LTM.qcow2 hda.qcow2

# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install brocadevadx
# mkdir -p /opt/unetlab/addons/qemu/brocadevadx-3100
# scp SSR3100ESX_EVAL.zip into /opt/unetlab/addons/qemu/brocadevadx-3100
# cd /opt/unetlab/addons/qemu/brocadevadx-3100
# unzip SSR3100ESX_EVAL.zip
# tar xf SSR03100ESX.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 SSR1000ESX-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

Make sure console is vnc in unl file.
# cat /opt/unetlab/labs/LAB.unl

logout and relogin from web gui

-to install cda
open ESXi and prepare cda vm with minimum spec
OS: Windows 2003, 2008, 2008R2, 2012, 2012R2
Disk Size: 120GB
RAM: 2GB
CPU: 2 virtual core
NIC: 1pc
See p2-2

Click to access cda10.pdf


Download and install cda_1.0.0.011.i386.iso
see p2-12 pdf above
shutdown vm
ssh as root into unetlab
# mkdir -p /opt/unetlab/addons/qemu/cda-1.0
ssh as root into ESXi
# cd /vmfs/volume/datastore1/cda
# scp *vmdk root@10.0.20.71:/opt/unetlab/addons/qemu/cda-1.0
ssh as root to unetlab server
# cd /opt/unetlab/addons/qemu/cda-1.0
# /opt/qemu/bin/qemu-img create -f qcow cda-flat.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install cips
# mkdir -p /opt/unetlab/addons/qemu/cips-4240
scp IPS-4240.ova into /opt/unetlab/addons/qemu/cips-4240
# cd /opt/unetlab/addons/qemu/cips-4240
# tar xf IPS-4240.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 IPS-4240-disk1.vmdk hda.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 IPS-4240-disk2.vmdk hdb.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
when you start cips for first time
L: cisco
P: cisco

-to install clearpass
scp CPPM-VM-x86_64-6.7.0.101814-ESX-ovf.zip into /tmp
# mkdir -p /opt/unetlab/addons/qemu/clearpass-6.7.0
# cd /tmp
# unzip CPPM-VM-x86_64-6.7.0.101814-ESX-ovf.zip
# cd CPPM-VM-x86_64-6.7.0.101814-ESX
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 CPPM-VM-x86_64-6.7.0.101814-ESX-CP-VA-disk1.vmdk /opt/unetlab/addons/qemu/clearpass-6.7.0/hda.qcow2
# cd /opt/unetlab/addons/qemu/clearpass-6.7.0
# /opt/qemu/bin/qemu-img create -f raw hdb.qcow2 80G
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install cnMaestro
download cnMaestro on-premise
https://www.cambiumnetworks.com/products/management/cnmaestro/
# mkdir -p /opt/unetlab/addons/qemu/linux-cnmaestro
scp cnmaestro-on-premises_2.1.0-r22_amd64.ova /opt/unetlab/addons/qemu/linux-cnmaestro
# cd /opt/unetlab/addons/qemu/linux-cnmaestro
# tar xvf cnmaestro-on-premises_2.1.0-r22_amd64.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 cnmaestro-on-premises_2.1.0-r22_amd64-disk1.vmdk qcow2 hda.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 cnmaestro-on-premises_2.1.0-r22_amd64-disk2.vmdk hdb.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install coeus
# mkdir -p /opt/unetlab/addons/qemu/coeus-9.0.0.324
scp coeus-9-0-0-324-S100V.zip into /opt/unetlab/addons/qemu/coeus-9.0.0.324
# cd /opt/unetlab/addons/qemu/coeus-9.0.0.324
# unzip coeus-9-0-0-324-S100V.zip
# mv coeus-9-0-0-324-S100V/coeus-9-0-0-324-S100V-disk1.vmdk ..
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 coeus-9-0-0-324-S100V-disk1.vmdk virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
# vi /opt/unetlab/html/templates/coeus.php
change
$p[‘console’] = ‘telnet’;
to
$p[‘console’] = ‘vnc’;

-to install cpsg
download CheckPoint GAIA R77-30 iso
create cpsg-r7730 vm in ESXI with 30GB HD, 2GB RAM, 4 nics and Other Linux 64bit
1. Install Gaia on this system
press Enter
2. Keyboard Selection
click US and OK
3. Partitions Configuration
click OK
4. Account Configuration
Password:
Confirm:
click OK
5. Management Port
choose your manament nic
click OK
6. Management Interface (eth0)
IP address:
Netmask:
Default gateway:
click OK
7. Confirmation
click OK
Shutdown vm and export as ova
# mkdir -p /opt/unetlab/addons/qemu/cpsg-r7730
scp cpsg-r7730.ova into /opt/unetlab/addons/qemu/cpsg-r7730
# tar xf cpsg-r7730.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 cpsg-r7730-disk1.vmdk hda.qcow2

# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install csr
# mkdir -p /opt/unetlab/addons/qemu/csr1000v-universalk9.03.14.00.S.155-1.S
scp csr1000v-universalk9.03.14.01.S.155-1.S1-std.ova into /opt/unetlab/addons/qemu/csr1000v-universalk9.03.14.00.S.155-1.S
# cd /opt/unetlab/addons/qemu/csr1000v-universalk9.03.14.00.S.155-1.S
# tar xf csr1000v-universalk9.03.14.01.S.155-1.S1-std.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 csr1000v_harddisk.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install cumulus
Download Cumulus VX for VMware from https://cumulusnetworks.com/cumulus-vx/download/
# mkdir -p /opt/unetlab/addons/qemu/cumulus-2.5.3
scp CumulusVX-2.5.3-4eb681f3df86c478.vmware.ova /opt/unetlab/addons/qemu/cumulus-2.5.3
# cd /opt/unetlab/addons/qemu/cumulus-2.5.3
# tar xf CumulusVX-2.5.3-4eb681f3df86c478.vmware.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 CumulusVX-2.5.3-4eb681f3df86c478-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install extremexos
# mkdir -p /opt/unetlab/addons/qemu/extremexos-15.3.2.11
scp extremexosvm.zip /opt/unetlab/addons/qemu/extremexos-15.3.2.11
# cd /opt/unetlab/addons/qemu/extremexos-15.3.2.11
# unzip extremexosvm.zip
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 “EXOS_VM_15.3.2.11 sw1.vmdk” hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install linux cyberoam
# cp linux-cyberoam.tar /opt/unetlab/addons/qemu/
# tar xf linux-cyberoam.tar
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Set
CPU: 1
RAM: 1024MB
Ethernet: 3
QEMU Nic: E1000

Console: vnc

-to install fortinet
NOTE:
We must download fortios KVM version not VMware version. The hd name must be virtioa not hda otherwise you will get country error
# mkdir -p /opt/unetlab/addons/qemu/fortinet-5.2.3b670
scp fortios_5-2-3.qcow2 into /opt/unetlab/addons/qemu/fortinet-5.2.3b670
# cd /opt/unetlab/addons/qemu/fortinet-5.2.3b670
# mv fortios_5-2-3.qcow2 virtioa.qcow2

# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to add log disk
# cd /opt/unetlab/addons/qemu/fortinet-5.6
create 500MB log disk size
# /opt/qemu/bin/qemu-img create -f raw virtiob.qcow2 500M
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
on FortiGate
# get system status
Version: FortiGate-VM64-KVM v5.6.0,build1449,170330 (GA)
Virus-DB: 1.00123(2015-12-11 13:18)
Extended DB: 1.00000(2012-10-17 15:46)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 0.00000(2001-01-01 00:00)
APP-DB: 6.00741(2015-12-01 02:30)
INDUSTRIAL-DB: 6.00741(2015-12-01 02:30)
Serial-Number: FGVMEV0000000000
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
Botnet DB: 1.00000(2012-05-28 22:51)
License Status: Valid
Evaluation License Expires: Sun May  7 05:35:13 2017
VM Resources: 1 CPU/1 allowed, 995 MB RAM/1024 MB allowed
BIOS version: 04000002
Log hard disk: Need format
Hostname: FortiGate-VM64-KVM
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 1
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 1449
Release Version Information: GA
FortiOS x86-64: Yes
System time: Sat Apr 22 05:46:50 2017
FortiGate-VM64-KVM # execute formatlogdisk
Log disk is /dev/vdb.
Formatting this storage will erase all data on it, including
  logs, quarantine files;
and require the unit to reboot.
Do you want to continue? (y/n)y
FortiGate-VM64-KVM # get hardware status
Model name: FortiGate-VM64-KVM
ASIC version: not available
CPU: QEMU Virtual CPU version 1.0
Number of CPUs: 1
RAM: 995 MB
Compact Flash: 2056 MB /dev/vda
Hard disk: 500 MB /dev/vdb

USB Flash: not available

NOTE:
Fortigate: You cannot create VDOMs, have a throughput limit, have some SSL limitation and has no Subscription signatures for IPS / App Control, AV, Web Filtering and Antispam.
   You cannot try FortiGate HA with trial version because the trial VM has the same S/N of the other and the Cluster could not form
FortiManager / FortiAnalyzer: Limit of log per day or management devices
FortiADC (VM and D series): I believe that latest version only release the GUI after upload the license. The older versions has no limitation.
FortiWeb: There’s no signature update
FortiSandbox: Did not download the Windows VM’s
FortiAuthenticator: Limit the number of users in database

FortiMail: There’s no signature (antivirus) and no antispam (cloud)

-to install hpvsr
Download hpvsr from https://h10145.www1.hpe.com/Downloads/SoftwareReleases.aspx?ProductNumber=JG811AAE&lang=en&cc=us&prodSeriesId=5443163

# mkdir /opt/unetlab/addons/qemu/hpvsr-1001-CMW710
scp VSR1000_HPE-CMW710-E0325-X64.zip into /tmp
# cd /tmp
# unzip VSR1000_HPE-CMW710-E0325-X64.zip
# tar xf VSR1000_HPE-CMW710-E0325-X64.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 VSR1000_HPE-CMW710-E0325-X64-disk1.vmdk /opt/unetlab/addons/qemu/hpvsr-1001-CMW710/hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install iol
find in google these 3 files
i86bi_linux-adventerprisek9-ms.154-2.T4
i86bi_linux_l2-adventerprisek9-ms.156-0.9.S
CiscoIOUKeygen.py.zip

copy above files into /opt/unetlab/addons/iol/bin
# cd /opt/unetlab/addons/iol/bin
# mv i86bi_linux-adventerprisek9-ms.154-2.T4 i86bi_linux-adventerprisek9-ms.154-2.T4.bin
# mv i86bi_linux_l2-adventerprisek9-ms.156-0.9.S i86bi_linux_l2-adventerprisek9-ms.156-0.9.S.bin
# unzip CiscoIOUKeygen.py.zip
# python CiscoIOUKeygen.py
# mv iourc.txt iourc
NOTE: don’t use .iourc, otherwise it won’t run

-to import iou lab
SOURCE: http://www.unetlab.com/2015/06/importing-iou-web-labs/
download IOU-WEB from
http://certcollection.org/forum/topic/236548-iou-web-vm-v22-rsv5-ud-compilation-august-2014-new-links/page__hl__%20iou
Download, extract and import v22VMIOU2014 into VMware
Power on the vm and modify its ip address
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0″
BOOTPROTO=”none”
NM_CONTROLLED=”yes”
ONBOOT=”yes”
TYPE=”Ethernet”
IPADDR=10.0.20.84
PREFIX=24
GATEWAY=10.0.20.1
DEFROUTE=yes
ONBOOT=yes

# service network restart
open web browser and go to http://10.0.10.84
click Downloads/database.sdb
scp database.sdb into unetlab server tmp

login as root into unetlab vm
# apt-get install php5-sqlite sqlite
# cd /opt/unetlab/scripts/
# wget https://raw.githubusercontent.com/dainok/unetlab/master/scripts/import_iou-web.php .
# chmod 755 /opt/unetlab/scripts/import_iou-web.php
# /opt/unetlab/scripts/import_iou-web.php /tmp/database.sdb
All labs will be imported under /opt/unetlab/labs/Imported

NOTE:
IOU assigns DCE/DTE on a per slot basis. Even slots are DTE, Odd slots are DCE

e.g. Slots 0, 2, 4.. = DTE; Slots 1, 3, 5.. = DCE

-to install ise
In ESXi import ISE-1.4.0.253-eval.ova
ssh as root to ESXi
# /vmfs/volumes/datastore1/ISE
# scp *vmdk root@10.0.20.71:/opt/unetlab/addons/qemu/ise-1.4.0.253
ssh as root to unetlab server
# mkdir -p /opt/unetlab/addons/qemu/ise-1.4.0.253
# cd /opt/unetlab/addons/qemu/ise-1.4.0.253
# /opt/qemu/bin/qemu-img convert -f qcow ISE-flat.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install mikrotik
Download latest chr vmdk from http://www.mikrotik.com/download
# mkdir /opt/unetlab/addons/qemu/mikrotik-6.34.3
scp chr-6.34.3.vmdk into /opt/unetlab/addons/qemu/mikrotik-6.34.3
# cd /opt/unetlab/addons/qemu/mikrotik-6.34.3
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 chr-6.34.3.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
L: admin
P:

-to install nsvpx
# mkdir -p /opt/unetlab/addons/qemu/nsvpx-11.0.55.20
scp NSVPX-ESX-11.0-55.20_nc.zip into /opt/unetlab/addons/qemu/nsvpx-11.0.55.20
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 NSVPX-ESX-11.0-55.20_nc-disk1.vmdk virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install olive
# mkdir -p /opt/unetlab/addons/qemu/olive-12.1R1.9
scp “Juniper JunOS Olive12.1R1.9 Virtualbox image.ova” into /opt/unetlab/addons/qemu/olive-12.1R1.9
# cd /opt/unetlab/addons/qemu/olive-12.1R1.9
# tar xf “Juniper JunOS Olive12.1R1.9 Virtualbox image.ova”
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 “JunOS Olive-disk1.vmdk” hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install ostinato
Download ost-drone-0.7-v1.qcow2 from
http://www.bernhard-ehlers.de/projects/ostinato4gns3/install-qemu.html
# mkdir /opt/unetlab/addons/qemu/ostinato-0.7-v1
scp ost-drone-0.7-v1.qcow2 into /opt/unetlab/addons/qemu/ostinato-0.7-v1
# cd /opt/unetlab/addons/qemu/ostinato-0.7-v1
# mv ost-drone-0.7-v1.qcow2 hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install paloalto
# mkdir -p /opt/unetlab/addons/qemu/PA-VM-ESX-7.0.1
scp PA-VM-ESX-6.1.0.ova into /opt/unetlab/addons/qemu/paloalto-7.0.1
# cd /opt/unetlab/addons/qemu/paloalto-7.0.1
# tar xf PA-VM-ESX-7.0.1 .ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 PA-VM-ESX-7.0.1-disk1.vmdk virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

NOTE:

PA in UNL no need license but no URL and threat signature updates, as well as fewer sessions through the firewall

-to install radware
SOURCE: http://www.unetlab.com/forum/viewtopic.php?f=7&t=39&sid=0ade6575a07ae6534a3fbce8dd7e3049
download alteon radware from https://www.radware.com/resources/softwaredownloads/network-admin-software/
Icon: Load Balancer.png
CPU: 2 (minimum)
RAM: 2560MB (minimum)
Ethernets: 3 (minimum)
console: VNC (since telnet won’t work)
# mkdir /opt/unetlab/addons/qemu/linux-radware
scp AlteonOS-30A-5-0-0.ova into /opt/unetlab/addons/qemu/linux-radware
# cd /opt/unetlab/addons/qemu/linux-radware
# tar xf AlteonOS-30-5-0-0.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 AlteonOS-30.5.0.0-disk1.vmdk virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Enter password: admin

-to install riverbed
# mkdir /opt/unetlab/addons/qemu/riverbed-vcx9.2.0/
scp image_rbt_vcx_9_2_0_n8_x86_64.ova into /opt/unetlab/addons/qemu/riverbed-vcx9.2.0/
# cd /opt/unetlab/addons/qemu/riverbed-vcx9.2.0/
# tar xf image_rbt_vcx_9_2_0_n8_x86_64.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 image-vcx-disk1.vmdk virtioa.qcow2
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 image-vcx-disk2.vmdk virtiob.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
L: admin
P: password
NOTE:
disregard cdrom complain when booting

it will probably boot 2x when power on for the first time and will take around 15min to get login prompt

-to install Ruckus SmartZone
Ruckus vSZ High-Scale
vSZ High-Scale min requirement
RAM: 13GB
CPU: 2 Cores
# mkdir /opt/unetlab/addon/qemu/linux-ruckuswireless
scp vscg-3.4.1.0.208.ova into /opt/unetlab/addon/qemu/linux-ruckuswireless
# cd /opt/unetlab/addon/qemu/linux-ruckuswireless
# tar xf vscg-3.4.1.0.208.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 vscg-3.4.1.0.208-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
follow this
L: admin
P: admin

# setup

-to install sophos XG
download latest sophos XG KVM from https://secure2.sophos.com/en-us/products/next-gen-firewall/free-trial.aspx#
# mkdir -p /opt/unetlab/addons/qemu/sophos-16.05
scp VI-SFOS_16.05.3_MR-3.KVM-183.zip into /opt/unetlab/addons/qemu/sophos-16.05
# cd /opt/unetlab/addons/qemu/sophos-16.05
# unzip VI-SFOS_16.05.3_MR-3.KVM-183.zip
# mv PRIMARY-DISK.qcow2 hda.qcow2
# mv AUXILIARY-DISK.qcow2 hdb.qcow2
# rm VI-SFOS_16.05.3_MR-3.KVM-183.zip
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
# cd /opt/unetlab/html/templates
# cp cpsg.php sophos.php
# sed -i ‘s/cpsg/sophos/g’ sophos.php
# sed -i ‘s/CP/sophos/g’ sophos.php
# cd ../includes
# vi init.php
add
‘sophos’ => ‘Sophos’,
after sterra line
LAN IP: 172.16.16.16 (default) port1
WAN IP: dhcp port2
WEB GUI: https://172.16.16.16:4444
L: admin
P: admin

-to install sourcefire
download from Cisco Cisco_Firepower_Management_Center_Virtual-6.1.0-330.qcow2
# mkdir -p /opt/unetlab/addons/qemu/sourcefire-6.1.0-330
scp Cisco_Firepower_Management_Center_Virtual-6.1.0-330.qcow2 into /opt/unetlab/addons/qemu/sourcefire-6.1.0-330
# cd /opt/unetlab/addons/qemu/sourcefire-6.1.0-330
# mv Cisco_Firepower_Management_Center_Virtual-6.1.0-330.qcow2 virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install timos
# mkdir -p /opt/unetlab/addons/qemu/timos-12.0.R6
scp TiMOS-SR-12.0.R6-vm.zip into /opt/unetlab/addons/qemu/timos-12.0.R6
# cd /opt/unetlab/addons/qemu/timos-12.0.R6
# mv TiMOS-SR-12.0.R6-vm/vm/7xxx-i386/sros-vm.qcow2 hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install titanium
# mkdir -p /opt/unetlab/addons/qemu/titanium-7
scp hda.qcow2 into /opt/unetlab/addons/qemu/titanium-7
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install coeus
# mkdir -p /opt/unetlab/addons/qemu/coeus-9.0.0.324
scp coeus-9-0-0-324-S100V.zip into /opt/unetlab/addons/qemu/coeus-9.0.0.324
# cd /opt/unetlab/addons/qemu/coeus-9.0.0.324
# unzip coeus-9-0-0-324-S100V.zip
# mv coeus-9-0-0-324-S100V/coeus-9-0-0-324-S100V-disk1.vmdk ..
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 coeus-9-0-0-324-S100V-disk1.vmdk virtioa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
# vi /opt/unetlab/html/templates/coeus.php
change
$p[‘console’] = ‘telnet’;
to
$p[‘console’] = ‘vnc’;

-to install Force10
download OS10_Virtualization_10.4.1.0V.zip from https://www.cocheno.com/category/routing/
# mkdir /opt/unetlab/addons/qemu/linux-dellos10-10.4.1.0
scp OS10_Virtualization_10.4.1.0V.zip into /opt/unetlab/addons/qemu/linux-dellos10-10.4.1.0
# cd /opt/unetlab/addons/qemu/linux-dellos10-10.4.1.0
# unzip OS10_Virtualization_10.4.1.0V.zip
# mv OS10-Installer-10.4.1.0.qcow2 virtiob.qcow2
# mv OS10-Disk-1.0.0.vmdk sataa.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install vios
# mkdir -p /opt/unetlab/addons/qemu/vios-adventerprisek9-m-15.5
# mkdir -p /opt/unetlab/addons/qemu/viosl2-adventerprisek9-m-15.2
scp vIOS-L3.qcow2 into /opt/unetlab/addons/qemu/vios-adventerprisek9-m-15.5
scp vIOS-L2.qcow2 into /opt/unetlab/addons/qemu/viosl2-adventerprisek9-m-15.2
# cd /opt/unetlab/addons/qemu/vios-adventerprisek9-m-15.5
# mv vIOS-L3.qcow2 hda.qcow2
# cd /opt/unetlab/addons/qemu/viosl2-adventerprisek9-m-15.2
# mv vIOS-L2.qcow2 hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install vmx
# mkdir -p /opt/unetlab/addons/qemu/vmx-1.0
scp vMX.ova into /opt/unetlab/addons/qemu/vmx-1.0
# cd /opt/unetlab/addons/qemu/vmx-1.0
# tar xf vMX.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 vMX-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
NOTE: to speed up vmx
http://noshut.ru/2015/09/how-to-run-juniper-vmx-in-unetlab/
# vi /opt/unetlab/html/templates/vmx.php
change
$p[‘qemu_options’] = ‘ -serial mon:stdio -nographic’;
to
$p[‘qemu_options’] = ‘ -serial mon:stdio -nographic -enable-kvm’;

-to install vnam
# mkdir -p /opt/unetlab/addons/qemu/vnam-6.1.1
scp nam-app-x86_64.6-1-1.ova and nam-app-x86_64.6-1-1.iso into /opt/unetlab/addons/qemu/vnam-6.1.1
# cd /opt/unetlab/addons/qemu/vnam-6.1.1
# tar xf nam-app-x86_64.6-1-1.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 NAM-VX-6.1-disk1.vmdk hda.qcow2
# mv nam-app-x86_64.6-1-1.iso cdrom.iso
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

From UnetLab gui, Start vnam icon
Main menu
1 – Download application image and write to HDD
2 – Download application image and reformat HDD
3 – Install application image from CD and reformat HDD
4 – Display software versions
5 – Reset application image CLI passwords to default
6 – Send Ping
f – Check for and fix file system errors on local disk
s – Show upgrade log
n – Configure network
r – Exit and reset Services Engine
h – Exit and shutdown Services Engine
Selection [123456fsnrh]:

NOTE:
I have black screen problem with vnam 6.2.1. So I use 6.1.1 instead
Any idea what to do next after do you see menu above?

-to install vsrx
# mkdir -p /opt/unetlab/addons/qemu/vsrx-12.1X46-D10.2-domestic
scp junos-vsrx-12.1X46-D10.2-domestic.ova into /opt/unetlab/addons/qemu/vsrx-12.1X46-D10.2-domestic
# cd /opt/unetlab/addons/qemu/vsrx-12.1X46-D10.2-domestic
# tar xf junos-vsrx-12.1X46-D10.2-domestic.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 junos-vsrx-12.1X46-D10.2-domestic-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install vsrxng
NOTE:
for vSRX-NG can be downloaded here
# mkdir -p /opt/unetlab/addons/qemu/vsrxng-151x49d406
scp media-vsrx-vmdisk-15.1X49-D40.6.qcow2 into /opt/unetlab/addons/qemu/vsrxng-151x49d406
# cd /opt/unetlab/addons/qemu/vsrxng-151x49d406
# mv media-vsrx-vmdisk-15.1X49-D40.6.qcow2 virtioa.qcow2

# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install vwaas
download vwaas from
https://drive.google.com/folderview?id=0B-v2VUXWowDLYWRBcFJEcmtLQkE&usp=drive_web
# mkdir -p /opt/unetlab/addons/qemu/vwaas-200-5.5.3
scp virtioa.qcow2 into /opt/unetlab/addons/qemu/vwaas-200-5.5.3
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
L: admin
P:

-to install vwlc
# mkdir -p /opt/unetlab/addons/qemu/vwlc-8.1.102.0
scp AIR-CTVM-K9-8-1-102-0.ova and AIR-CTVM-k9-8-1-102-0.iso into /opt/unetlab/addons/qemu/vwlc-8.1.102.0
# cd /opt/unetlab/addons/qemu/vwlc-8.1.102.0
# tar xf AIR-CTVM-K9-8-1-102-0.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 AS_CTVM_8_1_102_0.vmdk hda.qcow2
# mv AIR-CTVM-k9-8-1-102-0.iso cdrom.iso
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install tinylinux
SOURCE: http://www.802101.com/2015/06/unetlab-ubuntu-guest-node.html
change dsl-4-4-10.doc to dsl-4-4-10.ova
ssh as root to unetlab server
# mkdir -p /opt/unetlab/addons/qemu/linux-dsl
# cd /opt/unetlab/addons/qemu/linux-dsl
scp dsl-4-4-10.ova into /opt/unetlab/addons/qemu/linux-dsl
# tar xf dsl-4-4-10.ova
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 DSL-4.4.10-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
open UnetLab gui and add linux linux-dsl node
NOTE:
L: root

P: Password123!@#

-to install slitaz
download slitaz from
extract it in your pc
# mkdir -p /opt/unetlab/addons/qemu/linux-slitaz-3.0
scp slitaz-3.0-x86.vdi into /opt/unetlab/addons/qemu/linux-slitaz-3.0
# cd /opt/unetlab/addons/qemu/linux-slitaz-3.0
# qemu-img convert -f vdi -O qcow2 slitaz-3.0-x86.vdi hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
L: root
P: root

-to install win win7
SOURCE: http://www.802101.com/2015/06/windows-7-host-on-unetlab.html
install WIN7 in ESXi
update all patches
do not install vmware-tools
shutdown

ssh to ESXi server and cd to WIN7 directory
# cd /vmfs/volumes/datastore1/WIN7
# scp WIN7.vmdk root@10.0.20.71:/opt/unetlab/addons/qemu/win-win7
# scp WIN7-flat.vmdk root@10.0.20.71:/opt/unetlab/addons/qemu/win-win7

ssh as root to unetlab server
# cd /opt/unetlab/addons/qemu/win-win7
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 WIN7.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
open UnetLab gui and add win win-win7 node

-to install xrv
# mkdir -p /opt/unetlab/addons/qemu/xrv-k9-5.2.2
scp hda.qcow2 into /opt/unetlab/addons/qemu/xrv-k9-5.2.2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions

-to install vyos
copy to unetlab
# mkdir -p /opt/unetlab/addons/qemu/vyos-117
# cd /opt/unetlab/addons/qemu/vyos-117
# /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 VyOS-1.1.7-signed-disk1.vmdk hda.qcow2
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
L: vyos

P: vyos

-to install zeroshell
SOURCE: http://www.802101.com/2015/08/running-zeroshell-in-unetlab.html
Download zeroshell iso from http://www.zeroshell.org/download/#
# mkdir -p /opt/unetlab/addons/qemu/linux-zeroshell
scp ZeroShell-3.3.2.iso into /opt/unetlab/addons/qemu/linux-zeroshell
# cd /opt/unetlab/addons/qemu/linux-zeroshell
# mv ZeroShell-3.3.2.iso cdrom.iso
# /opt/qemu/bin/qemu-img create -f qcow hda.qcow2 5G
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
I then added a new node to a test lab I had on the go, and fired it up. Once connected via VNC, you can then install it to the hard drive, by selecting option A from the menu:
Just accept all the defaults
# mv cdrom.iso ZeroShell-3.3.2.iso
from unetlab gui stop the node and start again

-to upgrade VMware-Tools
mount iso on datastore
click CD-ROM icon on ESXi console
click CD DVD drive 1/Connect to iso image on a datastore
open vmimages/tools-isoimages/linux.iso
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/
# tar xzvf /mnt/cdrom/VMwareTools-9.10.0-2476743.tar.gz -C /tmp/
# cd /tmp/vmware-tools-distrib
# perl vmware-install.pl
Do you still want to proceed with this legacy installer? [yes]
Uninstallation of previous install failed. Would you like to remove the install DB? [no] yes
# perl vmware-install.pl -d

-Log location
# cat /opt/unetlab/data/Logs/

WINDOWS:
-download and install UltraVNC from http://www.uvnc.com/downloads/ultravnc.html
-download and install Wireshark from https://www.wireshark.org/download.html
-download and extract http://UNLip/files/windows.zip
copy UNetLab into c:\Program Files
copy ultravnc_wrapper.bat into C:\Program Files\uvnc bvba\UltraVNC
run win7_64bit_ultravnc.reg
run win7_64bit_putty.reg

run win7_64bit_wireshark.reg

-to open multiple tab session in SecureCRT
run win7_64bit_crt.reg
edit C:\Users\username\AppData\Roaming\VanDyke\Config\Global.ini
change
D:”Single Instance”=00000000
to

D:”Single Instance”=00000001

-to open multiple tab with SuperPutty
   download and install SuperPutty from https://github.com/jimradford/superputty/releases
   open SuperPutty and tick Tools/Options/Advanced/Only allow single instance of SuperPuTTYy to run
   create SuperPutty.reg
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\telnet]
@=”URL:Telnet Protocol”
“URL Protocol”=””
[HKEY_CLASSES_ROOT\telnet\shell]
[HKEY_CLASSES_ROOT\telnet\shell\open]
[HKEY_CLASSES_ROOT\telnet\shell\open\command]

@=”\”C:\\Program Files (x86)\\SuperPuTTY\\SuperPutty.exe\” %1″

go to http://10.0.20.71 and Sign-in with
L: admin
P: unl

-to connect unetlab to the cloud
http://www.unetlab.com/2014/11/using-cloud-devices/

-to rename a lab file
clone or open existing file
click More Actions/Edit lab

change the Name

-to convert VirtualBox vdi to qcow2 format

# /opt/qemu/bin/qemu-img convert -f vdi -O qcow2 vm.vdi vm.qcow2

-cisco CSR 1000v take 2.5GB RAM per node, if you want less ram, use L3-ADVENTERPRISEK9-M-15.4-2T.bin instead

 

ESXi and Cisco 3750 Trunk

DIAGRAM
Image
ESXi:
Image
CISCO:
3750-48#sh run
hostname 3750-48
boot-start-marker
boot-end-marker
aaa new-model
aaa session-id common
switch 2 provision ws-c3750-48p
system mtu routing 1500
vtp domain poc
vtp mode transparent
ip routing
ip domain-name poc.com
spanning-tree mode pvst
spanning-tree portfast default
spanning-tree extend system-id
vlan internal allocation policy ascending
!
vlan 10
name WAN1
!
vlan 15
name DMZ
!
vlan 20
name SVR
!
vlan 30
name USR
!
vlan 40
name HA
!
vlan 50
name STR
!
vlan 88
name WAN2
!
vlan 100
name MGMT
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,15,20,30,40,50,88,100
switchport mode trunk
 switchport nonegotiate
spanning-tree portfast trunk
!
interface FastEthernet2/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet2/0/2
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet2/0/47
switchport access vlan 10
switchport mode access
!
interface FastEthernet2/0/48
switchport access vlan 88
switchport mode access
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 10.0.10.251 255.255.255.0
!
interface Vlan15
ip address 10.0.15.1 255.255.255.0
!
interface Vlan20
ip address 10.0.20.1 255.255.255.0
!
interface Vlan30
ip address 10.0.30.1 255.255.255.0
!
interface Vlan40
ip address 10.0.40.1 255.255.255.0
!
interface Vlan50
ip address 10.0.50.1 255.255.255.0
!
interface Vlan88
ip address 192.168.88.251 255.255.255.0
!
interface Vlan100
ip address 10.0.100.1 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.10.1
ip route 0.0.0.0 0.0.0.0 192.168.88.1
ip http server
ip http secure-server
line con 0
line vty 5 15
transport input ssh
end