Unfortunately a few weeks ago I had a hard drive failure on my VMWare ESXi server. Not too surprising given that the hard drives were about two years old and certainly were tortured by heat stress. I had a few of the VMs backed up but did end up losing some nicely configured VMs. So my thoughts yesterday were to rebuild the lab from scratch.
I fortunately have a pretty rock solid ASUS mainboard with 2 – E5405 2HGz Intel Xeon processors from years ago. Aside from the BIOS being rather old and clunky, as well as only 1 working SATA port, it will have to do for now. So we have a total of 8 cores and 16GB of RAM. Two onboard NICs will provide just enough for an external Internet connection and an internal connection to a switch.
I’ll be using the Sophos (formerly Astaro) Unified Threat Management Virtual Appliance as the gatekeeper. It has a really generous free home user license that activates most functionality. In the past I have used OpenBSD as the firewall but every once in awhile it is nice to have a great GUI instead of doing everything on command line (as I do 9 hours a day at work).
With the initial setup going, eg. public IP and a wireless AP, I wanted to add in centralized logging to my Splunk server located off in my separate private network. I tried to get the splunkforwarder going on the firewall but something was preventing it from launching. I ended up just forwarding syslog to splunk. I’ll have to revisit this issue later.
The final thing I got working was setting up remote access VPN connectivity. This was probably the easiest step and took only about 1 minute to generate the SSL certificates and OpenVPN configuration. Using TunnelBlick on my mac I was able to get remotely connected in a matter of minutes.
The next step I want to achieve is getting some centralized authentication service running. Seems like AD is probably the easiest. What have you all done in your home labs?
Leave a Reply
You must be logged in to post a comment.