Optional OVA Configuration

The OVA is ready to use as-is. This section describes how to make the following optional configuration steps:

• Static IP address
• DNS server
• Static route

The configuration instruction steps differ depending on the Ubuntu operating system in use. So the first step is to determine which version of Ubuntu is running.

Before you begin, ensure that:

• The OVA is deployed.
• You have credentials and the IP address to log in to the virtual appliance.

To determine which version of Ubuntu is running:

1. Use SSH to log in to the virtual appliance command line interface (CLI).
   On Windows machines, you can use PuTTY.
2. Type the admin username and password.
   If the following CLI is displayed, the operating system is Ubuntu 16. Otherwise, the operating system is Ubuntu 20.04.

To make optional configurations proceed to the section that matches your operating system:

• Optional configuration for Ubuntu 16-based systems
• Optional configuration for Ubuntu 20.04-based systems

Optional Configuration for Ubuntu 16-based Systems

Perform optional configurations with the Digital Risk Protection (Threat Command) virtual appliance (“appliance”) console.

Before you begin:

• Ensure that you have a static IP address, network mask, gateway, and a DNS server address to assign to the appliance. A static IP address is required so that the appliance IP address can be used as a feed source for the security devices.
• Grant the new VM access to api.intsights.com

There are two separate logins to create in this section:

• SSH console login - Used to set up and maintain the appliance. Even though this login is rarely used, it is critical to keep the password for future maintenance, otherwise, the virtual appliance and your device environment may need to be recreated.

• Virtual appliance web access login - Used to access the web interface of the Digital Risk Protection (Threat Command) virtual appliance. This login is used more frequently to create and configure devices.

To configure the virtual appliance:

1. Start the newly created virtual machine.
2. Open a console.
3. Log in with default credentials:
   • Username: admin
   • Password: admin
4. Change the default password:
   1. Type the current password: admin
   2. Type a new password.
   3. Confirm the new password.
5. Verify network connectivity by selecting Network Settings > Show > IP / DNS. If DHCP is enabled (by default, for the appliance), validate that the appliance has acquired the appropriate networking settings.
6. Configure a static IP address for the virtual appliance:
   1. From the Main screen, select Network Settings > Set > IP > Static.
   2. Type a static IP address, network mask, gateway and DNS settings.
   3. Apply the changes, then press Enter to continue.

Optional Configurations for Ubuntu 20.04-based Systems

This section describes how to make these optional configuration steps:

• Static IP address
• DNS server
• Custom route

To configure a static IP address or DNS, you will need to disable DHCP, explained below.

The virtual appliance (VA) operation system is Linux-based running Ubuntu 20.04 LTS distribution. These procedures use Ubuntu’s built-in netplan  command-line tool to apply the network configuration.

To edit the configuration file, this procedure uses the nano  text editor.

Configuring a Static IP and DNS

This section describes how to configure a custom static IP and DNS.

Before you begin, ensure that:

• You can log in to the VA command line. You can use SSH with the VA’s IP address (on a Windows machine, you can use  PuTTY ), or from an ESXi, open console mode in the VM.
• You have the static IP, gateway IP, and required DNS information from the network administrator.

To configure a static IP and DNS:

1. Log in to the VA command line.
2. Type in your admin username and password.
3. Display the VA network configuration, by typing in the terminal: netplan get all. The output should be similar to:

network:
    ethernets:
        eth0:
            dhcp4: yes
            dhcp-identifier: mac
    version: 2

4. Determine where the DHCP is running on the VA by typing: cat /etc/netplan/00-installer-config.yaml. The output should be similar to:

network:

    ethernets:

        eth0:

            dhcp4: yes

This indicates that the VA is currently running with DHCP mode on eth0.

5. Open the file for editing: sudo nano /etc/netplan/00-installer-config.yaml

   • Assuming your networking configuration is:

     • Static IP 192.168.121.221
     • Subnet 24
     • Gateway IP 192.168.121.1
     • DNS servers (Internal DNS Server IP) 8.8.8.8, 1.1.1.1

     Edit the file to look like this if internal DNS server is 10.0.1.100:

network:

    ethernets:

        eth0:

            dhcp4: no

            addresses:

             - 192.168.121.1
            
            gateway4: 192.168.121.1

            nameservers:

                addresses: [10.0.1.100, 8.8.8.8, 1.1.1.1]

YAML files are sensitive to indentation. Ensure that the indentation is consistent, as demonstrated in the example above.

6. Save the file (Ctrl+S ) and exit (Ctrl+X).
7. To apply the changes, type sudo netplan try. The output should be similar to:

Do you want to keep these settings?
Press ENTER before the timeout to accept the new configuration

Changes will revert in 109 seconds

8. Optionally, to validate the changes were applied, type: ip addr show eth0. The output should be similar to:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_code1 state UP group default qlen 1000

    link/ether 52:54:00:06:92:fd brd ff:ff:ff:ff:ff:ff

    inet 192.168.122.170/24 brd 192.168.122.255 scope global dynamic noprefixroute enpls0
        valid_lft 3127sec preferred_lft 3127sec

Verify your Static IP and Gateway IP are correct in the output.

To revert the changes, simply revert the file to its original state, enabling DHCP again, as mentioned at the beginning.

Configuring a custom route

This section describes how to configure a custom route. In the example, you want to add a custom route to 172.16.0.0 from 192.168.1.10.

To configure a custom route:

1. Log in to the VA command line.
2. Type in your admin username and password.
3. Open the file for editing: sudo nano /etc/netplan/00-installer-config.yaml.
4. Modify the file by adding a custom routes section, under the eth0 interface:

    routes:
        - to: 172:16:0:0
          via: 192.168.1.100

The final file should like similar to this:

network:
    ethernets:
        eth0:
            dhcp4: yes
            nameservers:
                addresses: [8.8.8.8, 1.1.1.1]
            routes:
                - to: 172:16:0:0
                  via: 192.168.1.100

5. Save the file (Ctrl+S) and exit (Ctrl+X).
6. To apply the changes, type sudo netplan try. The output should be similar to:

Do you want to keep these settings?
Press ENTER before the timeout to accept the new configuration

Changes will revert in 109 seconds

7. Optionally, to validate the changes were applied, type: routes -n The output should be similar to:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   Metric  Ref     Use
Iface
0.0.0.0         192.168.122.1   0.0.0.0         UG      100     0         0 eth0
172.16.0.0      192.168.1.100   0.0.0.0         UG      100     0         0 eth0
169:254:0:0     0.0.0.0         255.255.0.0     U       1000    0         0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U       0       0         0
docker0
192.168.122.0   0.0.0.0         255.255.255.0   U       100     0         0 eth0

Every call to 172.16.0.0 should be passed to 192.168.1.100.

Additional resources

These are additional resources that can be used:

• Adding a static route on Ubuntu 20.04 LTS 
• Configuring a static IP address on Ubuntu 20.04 LTS 
• Subnet mask values 

System settings

This section describes how to change the admin password and reboot the machine.

To change the admin password:

1. From the terminal, type: passwd admin.
2. Press Enter and follow the output to configure the new password.

To reboot the machine:

1. From the terminal, type: reboot.