Master Pod Configuration

A master pod is setup on the management server. This master pod will contain the VMs deployed from the NDG VM Distribution System. This will later be cloned to template pods on each host.

NDG VMDIST Storage Connections

These storage connections should be set up and configured on your management server. Refer to Setup NDG VM Distribution System

Virtual Machine Inventory

PC Name

VM OS

VM ID

VMDIST VM Name

VMDIST Storage Connection

Kali

Linux

4201081

NDG-SecPlusV4.Kali (build)

vmdist.ndg_genit

pfSense

FreeBSD

4201082

NDG-SecPlusV4.pfSense (build)

vmdist.ndg_genit

SecOnion

Linux

4201083

NDG-SecPlusV4.SecOnion (build)

vmdist.ndg_genit

UbuntuSRV

Linux

4201084

NDG-SecPlusV4.UbuntuSRV (build)

vmdist.ndg_genit

WinOS

Windows Server 2019 Standard (64-bit)

4201085

NDG-SecPlusV4.WinOS (build)

vmdist.ndg_genit.windows

Deploying from NDG VMDIST

Deploy on your management server the pod virtual machine files from the NDG VM Distribution System.

Navigate to your Proxmox VE Management Server using your management workstation in a web browser.

Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server > vmdist.ndg_genit.

In the Content Panel, select Backups.

In the Notes column, select the name NDG-SecPlusV4.Kali.

Note

These build numbers may vary. Please refer to the Release Notes of the content to determine the latest version.

Click the Restore button.

In the Restore: VM popup window, select your Storage (i.e. NETLAB1).

Set the VM field to 4201081.

Click the Restore.

Proxmox VE will begin deploying the virtual machine. This may take some time, depending on the speed of your connection, HDDs, etc. Repeat the previous steps for each remaining virtual machine in the pod from the table above.

Modify Virtual Machines

Once the virtual machines are imported onto the management host, verify the configurations. The following steps will guide you through the process.

Navigate to your Proxmox VE cluster using your management workstation, and login.

Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server. Expand its view to see the virtual machines you deployed.

Locate the NDG-SecPlusV4.Kali virtual machine. In the Content Panel, select Hardware.

Select Network Device (net0) and click the Edit button.

Confirm the MAC address field matches the table below.

Virtual Machine MAC Address

Virtual Machine

NIC

MAC

Kali

0

00:50:56:03:13:02

pfSense

0

00:50:56:92:68:01

1

00:50:56:00:16:01

2

00:50:56:03:13:01

SecOnion

0

00:50:56:92:68:06

1

00:50:56:00:00:FF

UbuntuSRV

0

00:50:56:16:01:10

WinOS

0

00:50:56:92:68:50

Repeat the previous steps for each network adapter of the remaining virtual machines you deployed.

Create a Snapshot

Locate the NDG-SecPlusV4.Kali virtual machine. In the Content Panel, select Snapshots.

Click the Take Snapshot button.

In the Create Snapshot window, type GOLDEN. Click Take Snapshot to take a snapshot.

Repeat these steps for each virtual machine.

NETLAB+ Virtual Machine Inventory Setup

This section will guide you in adding your master virtual machines to the Virtual Machine Inventory of your NETLAB+ VE system.

Log in to your NETLAB+ VE system using the administrator account.

Select the Virtual Machine Infrastructure icon.

Virtual Machine Infrastructure

Click the Virtual Machine Inventory icon.

Virtual Machine Inventory

Click the Import Virtual Machines button located at the bottom of the list.

Import Virtual Machines

Select the appropriate datacenter from the list where your VMs reside.

Select the checkbox next to the virtual machines you have just deployed and click Import Selected Virtual Machines.

Import Selected Virtual Machines

When the Configure VMs window loads, you can set your virtual machine parameters.

Note

It is advised to leave the Version and Build numbers for reference when requesting NDG support.

  1. Check the dropdown box for the correct operating system for each imported virtual machine.

  2. Change Role to Master for each VM.

  3. Add any comments for each virtual machine in the last column.

  4. Verify your settings and click Import (X) Virtual Machines (notice the number in parenthesis is dynamic, depending on the amount of VMs selected).

  5. Verify all Import Statuses report back with OK and then click on the Dismiss button.

  6. Verify that your virtual machines show up in the inventory.

For additional information, please refer to the NETLAB+ VE Administrator Guide.

Building the Master NDG Security+ v4 Pod

This section will assist you in adding the NDG Security+ v4 pod to your NETLAB+ system.

Enabling Labs in Course Manager

Please refer to the Course Manager section of the NETLAB+ VE Administrator Guide on how to enable content. Please install the NDG Security+ - v4 course.

Create the Master Pod

Log into NETLAB+ VE with the administrator account.

Select the Pods icon.

Pods

Create a new pod by scrolling to the bottom and clicking the Create New Pod button.

Create New Pod

Then, click on the NDG Security+ v4 pod entry from the list of installed pod types.

NDG Security+ v4 Pod Type

On the New Pod window, input a value into the Pod ID and Pod Name fields. Click Next.

Note

The Pod ID determines the order in which the pods will appear in the scheduler. It is best practice to use a block of sequential ID numbers for the Pod Id that allows for the number of pods you are going to install.

The Pod Name identifies the pod and is unique per pod. Here we used the name of the lab set or course in a shortened form.

To finalize the wizard, click OK.

For additional information, please refer to the NETLAB+ VE Administrator Guide.

Attach Virtual Machines to the Master Pod

Update the master pod to associate the virtual machines with the newly created pod.

Select the NDG Security+ v4 master pod from the pod list.

Click on the Action dropdown next to the virtual machine you are about to assign and select Attach VM.

Remote PC Attach VM

Select the corresponding virtual machine from the inventory list.

Click OK to confirm the VM attachment and repeat the previous steps for the remaining virtual machines.

Set the Revert to Snapshot

Make sure to view the NDG Security+ v4 master pod you just created snapshots for. In the pod view, click on the dropdown menu option underneath the Action column and select Settings.

Remote PC Settings

In the virtual machine’s Settings window, click on the Revert to Snapshot dropdown and select GOLDEN and then click the Submit button.

Note

This sets the snapshot on the virtual machine that will get reverted to each time the pod is scheduled.

Click OK to confirm.

Return to the pod view page and repeat the previous steps for the remaining virtual machines.

Make changes to the Master Pod

Some pods have software that needs to be altered on the host machine before it can be used properly. This normally happens when software requires licenses to function.

If there are changes that need to be made to the master pod prior to template cloning, you will need to follow this set of instructions to ready your master pod.

For the NDG Security+ v4 master pod, you will need to license all the Microsoft Windows machines. This process consists of:

  • Scheduling the master pod

  • Providing temporary internet access to the WinOS

  • Licensing/Activating the WinOS

  • Shutting down the WinOS

  • If necessary, resetting the network interface cards to SAFETY_NET

  • Taking a new GOLDEN snapshot for the WinOS

  • Ending the reservation

Virtual Machine Credentials

For your reference, the following table provides a list of the credentials for the systems in the pod:

Virtual Machine Credentials

Machine

Username

Password

Kali

kali

kali

pfSense

sysadmin

NDGlabpass123!

SecOnion

sysadmin

NDGlabpass123!

UbuntuSRV

sysadmin

NDGlabpass123!

WinOS

Administrator

NDGlabpass123!

Bring the Master Pod online

In the pod view, click the drop arrow under State and select Online.

Bring Pod Online

Create Class and Schedule the Master Pod

Create a class as identified in the Add Classes section of the NETLAB+ VE Instructor Guide then schedule the Master Pod to license the WinOS virtual machine(s) (choose the NDG Security+ v4 lab design and select No Lab: Launch Cyber Range from the list of labs as this selection will boot up all VMs available in the pod).

Warning

When scheduling the Master Pod, it is important to schedule the pod for enough time to complete the following steps. Failure to complete the steps prior to taking the final snapshot could mean redeploying the necessary virtual machines.

Provide Temporary Internet Access to WinOS

Navigate to your Proxmox VE management server using your management workstation, and login.

Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server. Expand its view to see the virtual machines you previously deployed.

Locate the WinOS virtual machine. In the Content Panel, select Hardware.

Select Network Device (net0) and click the Edit button.

In the Edit: Network Device window, set the Bridge field to an internet-accessible bridge.

Note

Alternatively, you can add a new Network Device to the VM and use it to link to a virtual machine port group that is linked to an internet accessible physical adapter.

Click OK to confirm the changes.

License and Activate WinOS

Log on to the WinOS virtual machine in the pod. If necessary, click the dropdown arrow for the VM’s tab and select Send CTRL+ALT+DEL.

Log in as Administrator with NDGlabpass123! as the password.

Once logged in, make sure the TCP/IP settings are temporarily configured correctly so that the internet is reachable. This can vary depending on how your environment is set up.

Note

If you added a new temporary Network Device from the previous section, make sure to configure the TCP/IP settings for the newly added network adapter and use it to connect out to the internet.

Right-click on the Start icon in the lower-left and select System.

Scroll down and click Change product key or upgrade your edition of Windows in the Windows activation section.

Click Change product key in the Activate Windows Now section.

Enter the product key and follow the on-screen instructions.

Windows should now be activated. If you received an error, make sure that the key entered is valid and click the Troubleshoot link from the Activation Settings to troubleshoot the problem.

Shut Down WinOS

While on the WinOS machine, click the Start menu followed by clicking the Shut Down button.

Reset the NIC to SAFETY_NET

Navigate to your Proxmox VE management server using your management workstation, and login.

Using your navigation panels, navigate to Resource Tree > Datacenter > your_management_server. Expand its view to see the virtual machines you previously deployed.

Locate the WinOS virtual machine. In the Content Panel, select Hardware.

Select Network Device (net0) and click the Edit button.

In the Edit: Network Device window, set the Bridge field to SAFETY_NET.

Note

If you added a new temporary Network Device from the previous section, make sure to remove the Network Device.

Click OK to confirm settings.

Take New Snapshots for the Changed Master Virtual Machines

Locate the WinOS virtual machine. In the Content Panel, select Snapshots.

Select the current GOLDEN snapshot and click Remove. Remember the name of this snapshot, as the new snapshot will need to have the exact same name.

Click Yes on the Confirm window.

Click the Take Snapshot button.

In the Create Snapshot window, type GOLDEN or whatever prior snapshot name the virtual machine had. Click Take Snapshot to take a snapshot.

Repeat these steps for each virtual machine.

End Reservation

You may now end the reservation of the master pod.