aron warren

Information Security Engineer


Recreating my home lab

Unfortunately a few weeks ago I had a hard drive failure on my VMWare ESXi server.  Not too surprising given that the hard drives were about two years old and certainly were tortured by heat stress.  I had a few of the VMs backed up but did end up losing some nicely configured VMs.  So my thoughts yesterday were to rebuild the lab from scratch.

I fortunately have a pretty rock solid ASUS mainboard with 2 – E5405 2HGz Intel Xeon processors from years ago.  Aside from the BIOS being rather old and clunky, as well as only 1 working SATA port, it will have to do for now.  So we have a total of 8 cores and 16GB of RAM.  Two onboard NICs will provide just enough for an external Internet connection and an internal connection to a switch.

I’ll be using the Sophos (formerly Astaro) Unified Threat Management Virtual Appliance as the gatekeeper.  It has a really generous free home user license that activates most functionality.  In the past I have used OpenBSD as the firewall but every once in awhile it is nice to have a great GUI instead of doing everything on command line (as I do 9 hours a day at work).

With the initial setup going, eg. public IP and a wireless AP, I wanted to add in centralized logging to my Splunk server located off in my separate private network.  I tried to get the splunkforwarder going on the firewall but something was preventing it from launching.  I ended up just forwarding syslog to splunk.  I’ll have to revisit this issue later.

The final thing I got working was setting up remote access VPN connectivity.  This was probably the easiest step and took only about 1 minute to generate the SSL certificates and OpenVPN configuration.  Using TunnelBlick on my mac I was able to get remotely connected in a matter of minutes.

The next step I want to achieve is getting some centralized authentication service running.  Seems like AD is probably the easiest.  What have you all done in your home labs?



Leave a Reply

About Me

#infosec graduate but a perpetual student of the trade. I like #camping, #fitness especially #HIIT resulting in #muscle, snowboarding, and generally playing around with computers.

Click to access the login or register cheese