Skip to content

(04) SI‐Router Build Instructions

chipmanfu edited this page Jan 3, 2024 · 5 revisions

Build a Vyos router VM

  • VM name: SI-Router
  • OS Image to use: vyos-rolling-latest.iso      Available at (https://support.vyos.io/en/support/solutions/)
  • Guest OS Family: linux
  • Guest OS version: Debian GNU/Linux 11 (64-bit) (VMware)     or 6.x - 2.6 Kernel (ProxMox)
  • Hardware settings: 1 CPU / 4GB RAM / 16 GB HD / 4 NIC
    • Add 3 additional Network Adapters
      • Set Network Adaptor 1: “AdminNet”
      • Set Network Adaptor 2: “ServicesNet”
      • Set Network Adaptor 3: “GraySpace”
      • Set Network Adaptor 4: “RangeWAN”

Then start the VM, connect the ISO via CD-ROM and install vyos. During install, accept all defaults. Defaults are shown in [ ], just press enter to accept.

VYOS initial set up

Login with default creds user: vyos password: vyos Next we need to install the image, the vyos iso install is live only, to make the install permanent we need to do the following.
     install image
Except all defaults until you reach “This will destroy all data ..”, enter yes here.
Then it will ask some more questions, just accept all defaults, until password request.
Use: toor for the password.
Then accept defaults.
When it’s finished, you need to reboot, remove the iso from the CD-rom before you do this. Reboot with the following
     shutdown -r now
After the reboot, log back in using user: vyos password: toor.

VYOS configuration

At the $ prompt, do the following to get into configuration mode.
     configure
At the # prompt, we’ll start setting the configuration, we'll set up the AdminNet first manually, so we can copy the rest of the configurations over from the IA-Proxy.
     set interfaces ethernet eth0 address 172.30.7.254/21
     set service ssh
     commit
     save
     exit
You should now be back at the $prompt.

Move the SI-Router config scripts from the IA-Proxy to the SI-Router

On the IA-Proxy
Open a terminal as root. (NOTE: you should be on the IA-Proxy VM)
     cd /home/user/Cyber-Range/SI-Router
     scp -r Scripts/ [email protected]:/home/vyos

On the SI-Router
We'll run the config Scripts on SI-Router
Open a terminal as root. (Note: you should now be back on the SI-Router VM)
     cd /home/vyos/Scripts
     bash
     ./Eth1ServicesConfig.sh
     ./Eth2GrayConfig.sh           #NOTE: this script will take several minutes..

NOTE: In some VYOS builds, this script may not work by just calling the script in the command line. If you run into this, try the following method

     sg vyattacfg -c ./Eth1ServicesConfig.sh

NOTE: There are two unused scripts in this directory
Eth0AdminConfig.sh - this is in case you lose your Eth0 config.
Eth3RangeWAN.sh - This is an example script for setting up a connection to a target domain network. This can be renamed and configured based on what you want to set up and what target domains you ultimately connect to this environment.

This completes the SI-Router install, move on to the next system.