Installing IPCop as a Virtual Machine on VMware ESXi Server
Last Updated on Saturday, 13 February 2010 13:38 Written by Joe Aldeguer Monday, 12 October 2009 15:21
| Article Index |
|---|
| Installing IPCop as a Virtual Machine on VMware ESXi Server |
| Page 2 Installing IPCop and Setup |
| Page 3 Adding AddOns |
| All Pages |
Another piece of the puzzle for my Virtualization project has fit into place. I was able to virtualize my IPCop firewall boxes using a free download of VMware ESXi 3.5 Update 4 server. ESXi is a type 1 hypervisor, which directly communicates with server hardware. This was the primary reason why I decided to use ESXi instead of VMware server.
Disclaimer: There is no guarantee this will work for you. Created for author's personal use.
Before starting with this project I had to create virtual switches using ESXi server's impressive virtual networking capabilities. These where the steps I took to create them. To learn more about virtual switches on VMware ESX server click here.For redundancy and performance I will assign two nic cards for the virtual switch0 to use for redundancy and performance. This is where the VMware Infrastructure Client connects to manage ESXi. I will also use this Virtual Switch as a virtual LAN for all of my virtual machines, therefore I am naming it as Virtual Machine Network. To do the changes I have mentioned I will go to Configuration | Networking | Properties | Network Adapters | Add | choosing vmnic1 from the unclaimed adapters lists | click next, next | Finish. I have also change the name to Virtual Machine Network by using edit then changing the Network Label value.
In Vmware ESXi speak ETH0 is referred to as vmnic0. In Linux a network interface is called ETH0 which is the first NIC card.
How VMWare ESXi server identifies my installed physical NIC cards on my Super Micro server.
| ETH2 | ETH3 |
| ETH0 | ETH1 |
| ETH4 | ETH5 |
The only way I was able to determine this was by plugging and unplugging one RJ45 cable to each nic port at the back of the server then looking at the VMware Infrastructure Client console. I'm sure there is a better way to do this but I just can't think of it at the moment. If you have a better solution I'd be happy to hear it!
With that out of the way the next thing to do was create the virtual switches layout. In the ESXi server console go to the Configuration tab | Networking | click Add Networking | this starts the Network Wizard | choose Virtual Machine | click next | if there are vmnics checked at this point I will uncheck them for now. I will add it later. Click next | create a name for this network label | click next | click finish.
I'm now going to assign a vmnic to my newly created vSwitch1. Click the properties of vSwitch1 | Network Adapters | Add | since I already know my physical nic layout I will choose vmnic5.
Click next,next | Finish. vSwitch1 now is using vmnic5 attached to a physical nic card.
I have already created a datastore which VMware ESX server uses to store virtual machines. But if you haven't done so yet this is how I created mine. In the VMware Infrastructure Client go to Configuration | Storage | Add Storage | I am using a local storage which means my server has a RAID 5 volume | choose the option Disk/LUN | it will now show available space I could use for storage | I chose vmhba1:2:0, which is the RAID5 | click next, next | create a name for the datastore | click next | I will choose Block size: 1 MB, which means the biggest virtual machine I can create will be no more than 256 GB | click next | Finish.
This is what it looks like for my datastore storage. This was formatted by ESX using the vmfs3 file system especially optimized for virtualization.
Note: After downloading the IPCop ISO I checked the MD5 sum of the downloaded ISO to see if it matches the one posted on the IPCop's web page.
I will Download the latest version of IPCop. Once done I will create a folder called ISO in my ESX server's datastore to hold the iso files. Go to Configuration | Storage | I will double click the SAF-HQ-PRIMARY-DATASTORE | click the folder icon with the plus sign | name the folder ISO | click the upload icon choose file | browse to where IPCop was downloaded | click yes. It is considered good practice to upload all of the ISOs of any operating system you will use for the virtual machines into this folder.
Something to keep in mind. IPCop names each interface according to function based on color. GREEN is for the local subnet | RED is for Internet | ORANGE is DMZ | BLUE is used for wireless.
Choosing Typical.
Create the name for the virtual machine.
Choose the datastore to hold this new virtual machine. Since I have two datastores I will choose the one I named Primary of course then click next.
This will be a Linux machine and I prefer to use the option, other Linux 32 (32-bit), click next.
This IPCop install will also serve as a firewall, web proxy, web content filter and virus scanner for my LAN so I will give it two virtual processors | click next.
I will also give it a Gig of ram, click next.
I would like this IPCop firewall to have a DMZ, so I am going to use three NICs. Each virtual nic is connected to a virtual switch which I have already created earlier.
Click next | for the disk size I will choose 4 GB | click next.
Click check Edit the virtual machine before submitting | continue | I will remove the floppy by highlighting it then clicking Remove | Finish.
I will now attach the IPCop iso file for my newly created IPCop virtual machine to boot from. Click the IPCop virtual machine | under the getting started tab | Edit virtual machine settings | highlight CD/DVD Drive 1 | choose option Datastore ISO file | browse to location of the ISO file from the datastore | click OK | check Connect at power on for device status | click OK.
I will now power on the virtual machine by clicking on the play green play icon. When it begins to power I will open up the virtual machine console by clicking the computer icon with the green arrow.
