Step 2. Idea received from a friend and applied => Solved the problem! OK!!
Change the network from 10.1.1.251 to 10.1.1.2, then verify and test the Internet connection
2.0. Make sure pfSense is powered off
2.1. Inside ESXi terminal
[root@esxi00:~] esxcfg-route
VMkernel default gateway is 10.1.1.2
[root@esxi00:~] esxcli network ip dns server list
DNSServers: 10.1.1.2
[root@esxi00:~] ping google.com
PING google.com (216.58.212.142): 56 data bytes
64 bytes from 216.58.212.142: icmp_seq=0 ttl=128 time=52.287 ms
64 bytes from 216.58.212.142: icmp_seq=1 ttl=128 time=53.458 ms
64 bytes from 216.58.212.142: icmp_seq=2 ttl=128 time=53.811 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 52.287/53.185/53.811 ms
[root@esxi00:~]
2.2. For the internal CentOS VM inside ESXi_00 I changed the external IP to 10.1.1.50/25 and 10.1.1.2 and it works OK.
2.3. For pfSense in VMware Fusion I did not modify anything, but ping works OK.
All are connected to Network > Custom > Allow using NAT
There are 6 licenses for 6 ESXi and 2 licenses for vCenter
A maximum of 3 ESXi can be included in vCenter
I add to vCenter the ESXi that I power on and use at that moment and that needs vCenter's help for configuration
The license shows Usage 4 CPUs and Capacity 6 CPUs
VM ESXi esxi00.silvique.ro has Evaluation License
When I open Assign License, it shows that it is possible because Usage is 4 CPUs and Capacity is 6 CPUs
Choose ESXi Licensing. Then the Usage changes to 8 CPUs and it is impossible to click OK
Important information:
The License is based on 6 CPUs capacity NOT on 6 ESXi VM.
If you use ESXi hosts with 2 CPUs, then you can do this using a maximum of 3 ESXi hosts, meaning a total of 6 CPUs capacity for the license. If you want to use an ESXi with 4 CPUs, then a license accepts only one ESXi with 2 CPUs.
Cannot contact the specified host (esxi00.silvique.ro). The host may not be available on the network, a network configuration problem may exist, or the management services on this host may not be responding.
I need to put ESXi into vSphere to install a new VM, as I did not find a way to install it directly in ESXi. But if I insert esxi00 into vSphere using the IP, I cannot install the VM. So I want to insert esxi00.silvique.ro based on its name to try to install Junos Space.
I thought it was a firewall problem, so I installed it in esxi00 and powered it on.
What can I do to insert esxi00.silvique.ro into vSphere?
Ideas and solution
1. Check to see if you can ping the hostname from the vCenter appliance.
vCenter and ESXi from MacBook
murgescusilvia@Murgescus-MacBook-Pro ~ % ping 10.1.1.101
PING 10.1.1.101 (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.336 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.598 ms
64 bytes from 10.1.1.101: icmp_seq=2 ttl=64 time=0.496 ms
64 bytes from 10.1.1.101: icmp_seq=3 ttl=64 time=0.217 ms
^C
--- 10.1.1.101 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.217/0.412/0.598/0.146 ms
murgescusilvia@Murgescus-MacBook-Pro ~ % ping vc01
PING vc01.silvique.ro (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.403 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.623 ms
64 bytes from 10.1.1.101: icmp_seq=2 ttl=64 time=0.456 ms
^C
--- vc01.silvique.ro ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.403/0.494/0.623/0.094 ms
murgescusilvia@Murgescus-MacBook-Pro ~ % ping vc01.silvique.ro
PING vc01.silvique.ro (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.355 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.881 ms
^C
--- vc01.silvique.ro ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.355/0.618/0.881/0.263 ms
murgescusilvia@Murgescus-MacBook-Pro ~ % ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.517 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.389 ms
^C
--- 10.1.1.10 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.389/0.453/0.517/0.064 ms
murgescusilvia@Murgescus-MacBook-Pro ~ % ping esxi00
PING esxi00.silvique.ro (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.315 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.513 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=0.325 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.315/0.384/0.513/0.091 ms
murgescusilvia@Murgescus-MacBook-Pro ~ % ping esxi00.silvique.ro
PING esxi00.silvique.ro (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.385 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.709 ms
^C
--- esxi00.silvique.ro ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.385/0.547/0.709/0.162 ms
ESXi00 from vCenter
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@vc01.silvique.ro
…..
Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=1.01 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.11 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=1.29 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.978 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 0.978/1.101/1.299/0.124 ms
Command> ping esxi00
ping: unknown host esxi00
Command> ping esxi00.silvique.ro
ping: unknown host esxi00.silvique.ro
2. If you can't, you can either edit the hosts file on the vCenter machine
2.1. SSH’d into the vCenter using Terminal
Last login: Tue May 5 07:19:26 on ttys006
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@vc01.silvique.ro
Command> ls /etc/
Unknown command: `ls'
Command> cd etc
Unknown command: `cd'
Command> shell
Shell access is granted to root
root@10 [ ~ ]#
2.2. Navigated to the host files directory
cd /
cd etc
ls (this lists everything in the directory)
root@10 [ ~ ]# cd ..
root@10 [ ~ ]# cd /etc
2.3. Used vim to edit the file:
vim hosts
root@10 [ /etc ]# vim hosts
2.4. Added the name and the IP that I wanted to be tied together.
2.5. Exited vi (vi automatically saves the file when you leave unless specified to not save when you leave.)
To exit and save type ESC + : x or ESC + : wq
To exit without saving type Esc + : q!
Esc :wq
2.6. Now test it using the Ping command.
ping name
Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.687 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=0.512 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=1.03 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.883 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.512/0.780/1.039/0.199 ms
Command> ping esxi00.silvique.ro
ping: unknown host esxi00.silvique.ro
Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.663 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.03 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=0.790 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.719 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.663/0.802/1.038/0.145 ms
Command> ping esxi00.silvique.ro
PING esxi00.silvique.ro (10.1.1.10) 56(84) bytes of data.
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=1 ttl=64 time=0.385 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=2 ttl=64 time=0.539 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=3 ttl=64 time=0.668 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.385/0.530/0.668/0.118 ms
Command> ping esxi00
PING esxi00.silvique.ro (10.1.1.10) 56(84) bytes of data.
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=1 ttl=64 time=0.388 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=2 ttl=64 time=0.581 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=3 ttl=64 time=0.599 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.388/0.522/0.599/0.099 ms
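The hosts-file edit from steps 2.1 to 2.6, as an added shell example that is not part of the original notes: it pins a name to an IP only when the file does not already map that name to a different address, so a stale or conflicting override is reported instead of silently shadowed. The function names hosts_lookup and hosts_pin are hypothetical; the sample file is constructed, using the esxi00.silvique.ro / 10.1.1.10 pair from the page.

```shell
#!/bin/sh
# Added example: pin NAME -> IP in a hosts file without duplicates and
# without overriding a mapping that already points somewhere else.

# hosts_lookup FILE NAME -> prints every IP the file maps NAME to
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                       # ignore comments
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) print $1
        }' "$1"
}

# hosts_pin FILE IP FQDN [SHORTNAME]
# returns 0 = entry added, 1 = FQDN already pinned to IP, 2 = conflict
hosts_pin() {
    file=$1 ip=$2 fqdn=$3 short=${4:-}
    for n in $fqdn $short; do
        for existing in $(hosts_lookup "$file" "$n"); do
            if [ "$existing" != "$ip" ]; then
                echo "conflict: $n already maps to $existing in $file" >&2
                return 2
            fi
        done
    done
    if [ -n "$(hosts_lookup "$file" "$fqdn")" ]; then
        return 1                                 # nothing to do
    fi
    printf '%s\t%s%s\n' "$ip" "$fqdn" "${short:+ $short}" >> "$file"
    return 0
}

# Constructed sample file standing in for /etc/hosts on the appliance
demo=$(mktemp)
printf '127.0.0.1\tlocalhost\n' > "$demo"
hosts_pin "$demo" 10.1.1.10 esxi00.silvique.ro esxi00 && echo "added"
hosts_pin "$demo" 10.1.1.10 esxi00.silvique.ro esxi00 || echo "rc=$? (already pinned)"
hosts_pin "$demo" 10.1.1.99 esxi00.silvique.ro        || echo "rc=$? (conflict, file untouched)"
rm -f "$demo"
```

A hosts entry overrides DNS for that name on this one machine only, so it has to be updated by hand if the ESXi address ever changes.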
Another idea: add the host to the DNS resolver on the pfSense firewall. When using the firewall, the vCenter machine needs to have the IP of the firewall as its gateway and DNS server.
Before this I added a new hard disk in VMware Fusion and then configured a storage datastore in VMware ESXi.
Now I want to install a VM and I get an error:
– The vm configuration was rejected. Please see Browser console
– Failed to create virtual machine vm. The operation is not allowed in the current state.
The answer I found on the internet, including the solution: “check the vmware state.. if it is in maintenance mode means you are not able to create virtual machine… keep the vmware on normal state.”
The security director: Security-Director-19.4R1.53.img
Overview
You can deploy the Junos Space Virtual Appliance *.ova file on a VMware ESXi server version 5.5, 6.0, or 6.5. Basically I have ESXi 6.7, but in the installation step maybe I can modify it to 6.0.
After the Junos Space Virtual Appliance is deployed, you can use the VMware vSphere client or Virtual Machine Manager (VMM) to connect to the VMware ESXi server and configure the Junos Space Virtual Appliance.
The minimum hardware requirements for deploying a Junos Space Virtual Appliance are as follows:
one core of the processor
64-bit quad processor with a clock speed of at least 2.66 GHz
Installing a Junos Space Virtual Appliance on a VMware ESXi Server
Log in to ESXi; mine is named esxi00. Go to Virtual Machine > Create/Register VM and click Deploy a virtual machine from an OVF or OVA file. Then click Next
Enter a name such as jSpace-1-20.1R1.2. I needed to install another version and I used the name jSpace-2-19.4R1.3. Find the file on the MacBook and choose the space-19.4R1.3.ova file. Click Next
Choose the datastore where jSpace will be installed
Note: I have installed a new ESXi VM in VMware Fusion with
Datastore name: datastre1
Capacity: 532 GB
Free: 504 GB (as I installed CentOS first)
Type: VMFS6
Please untick Power on automatically and you will see why … Click Next
Verify that everything is correct and click Finish
Failed to Power On. In my case some modifications have to be made before powering on.
Down in Recent Tasks you will see the task; wait for it to complete. After it has finished, go further.
Go to Virtual Machine > jSpace-1-20.1R1.2. This is the default
Virtual Machine > jSpace-2-19.4R1.3
Click Edit
CPU 2, Memory 8 GB meaning 8192 MB; the default hard disk is the minimum accepted, 500 GB.
You will be asked to enter the user and password, which are admin and abc123 respectively, also for the UNIX password.
Once you have entered these, you will be asked to change the password. Choose your new password according to the local instructions. Otherwise you may fail to set a proper password.
[sudo] password for admin: the_configured_password
Press enter and continue
Choose the type of node to be installed [S/F] S
Configuring Eth0:
1) Configure IPv4
2) Configure Both IPv4 and IPv6
R) Redraw Menu
Click 1 and continue
Choice [1-2,R]: 1
Please enter new IPv4 address for interface eth0
172.25.11.109
Please enter new IPv4 subnet mask for interface eth0
255.255.255.0
Enter the default IPv4 gateway as a dotted-decimal IP address:
172.25.11.254
Please type the IPv4 nameserver address in dotted decimal notation:
8.8.8.8
Configure a separate interface for device management? [y/N] n
Will this Junos Space system be added to an existing cluster? [y/N] n
Web GUI configuration
Configuring IP address for web GUI:
1) Configure IPv4
R) Redraw Menu
Choice [1,R]: 1
Please enter IPv4 Address for web GUI:
172.25.11.100
Do you want to enable NAT service? [y/N] n
Add NTP Server? [y/N] y
Please type the new NTP server: 82.197.221.30
Note: For the NTP server you can also use the default IPv4 gateway, here meaning 172.25.11.254.
Please enter display name for this node: space2
Enter password for cluster maintenance mode: mine_password
Re-enter password: mine_password
-----
A> Apply settings
-----
Choice [ACQR]: A
Here is an image, but the whole to-do list is above
Now you can connect to the box via SSH at its IP 172.25.11.109:
% ssh admin@172.25.11.109
admin@172.25.11.109's password: the-password
Junos Space Settings Menu
...
7) (Debug) run shell
...
Choice [1-7,AQR]: 7
[sudo] password for admin:
[root@space-000c29cb6706 ~]# ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 172.25.11.109/24 brd 172.25.11.255 scope global eth0 <---Primary IP
inet 172.25.11.100/24 brd 172.25.11.255 scope global secondary eth0:0 <---Secondary GUI IP Address
Now it is time to login to the web UI.
Get inside CentOS using the password
Open Firefox application
Use https://172.25.11.100 to open Junos Space
Username: super
Password: juniper123
Change Temporary Password
Now I am going to install the Security-Director-19.4R1.53.img file.
Security Director
Testing ping in MacBook Pro Terminal
murgescusilvia@Murgescus-MacBook-Pro ~ % ping centos
PING centos.silvique.ro (10.1.1.50): 56 data bytes
64 bytes from 10.1.1.50: icmp_seq=0 ttl=64 time=0.832 ms
64 bytes from 10.1.1.50: icmp_seq=1 ttl=64 time=1.320 ms
64 bytes from 10.1.1.50: icmp_seq=2 ttl=64 time=0.684 ms
64 bytes from 10.1.1.50: icmp_seq=3 ttl=64 time=0.705 ms
64 bytes from 10.1.1.50: icmp_seq=4 ttl=64 time=0.461 ms
^C
--- centos.silvique.ro ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.461/0.800/1.320/0.286 ms
murgescusilvia@Murgescus-MacBook-Pro ~ %
-> Copy the file Security-Director-19.4R1.53.img from MacBook Pro to CentOS using Terminal from MacBook PRO
It is not possible to use the user name Silvia to upload the Security-Director-19.4R1.53.img file to CentOS:
[root@CenrOS /]# sudo rm Security-Director-19.4R1.53.img
[root@CenrOS /]# ls
Ready to use jSpace to deploy the security director.
Inside CentOS open Firefox, then jSpace using the web IP, like https://172.25.11.100
Web user is super and the configured password
Go to Administration -> Applications -> + button meaning Add Application
Select Upload via HTTP and upload the Security-Director-19.4R1.53.img
Please click on Job ID to view details > OK
Once it appears, click install then OK
Application Management Job Information: Please logout and log in again after the installation of new application completed successfully. Click on Job ID to view details. > OK
It will take a while for the application to be installed. I exit and I will not enter again. Now I take a break to be sure it will be installed after my break.
When it is finished you will see other new applications
Application Visibility – new
Version 19.4,
Release R1,
Build 53,
Server Group Platform
Log Director – new
Version 19.4,
Release R1,
Build 53,
Server Group Platform
Network Management Platform – existed already
Version 19.4,
Release R1,
Build 3,
Server Group Platform
NSM Migration
Version 19.4,
Release R1,
Build 53,
Server Group Platform
Security Director – new
Version 19.4,
Release R1,
Build 53,
Server Group Platform
Security Director Login and Reporting – new
Version 19.4,
Release R1,
Build 53,
Server Group Platform
In Administration > Licenses
License Type Trial
Sku Mode Trial-license
Total License Days 60
Remaining Days 60
And here we are! We have installed both space platform and security director. Last but not least I need to recap usernames we have configured so far to avoid any confusion.
1) admin user: we set this for the Linux shell, and the default password during the installation is abc123.
2) maintenance user: we also set a password for this, but it is used for special operations. There is no default password for this. It must be set.
3) super user: this user is used for the web UI and the initial default password is juniper123.
A virtual lab that includes CentOS is configured in EVE-PRO. EVE-PRO is configured in VMware Fusion. VMware Fusion is on the MacBook Pro. The idea is to connect the virtual CentOS to the internet.
Open VMware Fusion > Click on EVE-PRO virtual machine > Click on Settings…
Create, or select if already created, 3 Network Adapter:
Network Adapter > Connect to vSphere network
Network Adapter 2 > Connect to vSphere network
Network Adapter 3 > Connect to vSphere network
In the EVE-PRO lab create a new Network of type Cloud1 and connect it to CentOS. Do not forget to configure the correct IP in CentOS. Details of how I did it are here: 2020.04.30 – CentOS installation into EVE-NG.
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh silvia@ip-address
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The ECDSA host key for us01 has changed, and the key for the corresponding IP address ip-address is unchanged.
This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time.
Offending key for IP in /Users/murgescusilvia/.ssh/known_hosts:20
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is SHA256:5b11LsICh7VVaHkfY/HiLh6IThcZYjkkDD7Pt6dixJw.
Please contact your system administrator. Add correct host key in /Users/murgescusilvia/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/murgescusilvia/.ssh/known_hosts:19 ECDSA host key for ip-address has changed and you have requested strict checking.
Host key verification failed.
Solution to solve this problem:
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh-keygen -R ip-address
# Host ip-address found: line 19 /Users/murgescusilvia/.ssh/known_hosts updated.
Original contents retained as /Users/murgescusilvia/.ssh/known_hosts.old
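Before removing an entry with ssh-keygen -R, it helps to confirm which pinned lines actually disagree with the key the VM really has. The following added example (not from the original post) compares plain-text known_hosts entries with a public key line copied from the VM's own console; known_hosts_check is a hypothetical helper, and the file, the address 192.0.2.10 and the key blobs are constructed placeholders.

```shell
#!/bin/sh
# Added example: find which known_hosts lines disagree with a key that was
# read out of band (for instance on the VM console) before deleting anything.
# Only plain-text entries are handled; hashed entries (|1|...) cannot be
# matched by name here, ssh-keygen -F HOST finds those.

# known_hosts_check FILE HOST "KEYTYPE BASE64KEY"
# prints "<line> match|differ <keytype>" for each entry naming HOST
# returns 0 = all entries of that type match, 1 = at least one differs,
#         2 = no entry of that type for HOST
known_hosts_check() {
    awk -v host="$2" -v want="$3" '
        BEGIN { split(want, w, " "); rc = 2 }
        /^[ \t]*$/ || /^[ \t]*[#@]/ { next }   # blank, comment, @marker lines
        {
            n = split($1, names, ",")
            for (i = 1; i <= n; i++) {
                if (names[i] != host || $2 != w[1]) continue
                if ($3 == w[2]) { print NR, "match", w[1]; if (rc == 2) rc = 0 }
                else            { print NR, "differ", w[1]; rc = 1 }
            }
        }
        END { exit rc }' "$1"
}

# Constructed known_hosts: the name entry is stale, the IP entry is current
kh=$(mktemp)
cat > "$kh" <<'EOF'
# constructed file; key blobs are placeholders, not real keys
us01 ecdsa-sha2-nistp256 AAAAconstructedOLDkey
192.0.2.10 ecdsa-sha2-nistp256 AAAAconstructedNEWkey
EOF
trusted='ecdsa-sha2-nistp256 AAAAconstructedNEWkey'   # as read on the VM console
known_hosts_check "$kh" us01 "$trusted"       || echo "us01: stale entry (rc=$?)"
known_hosts_check "$kh" 192.0.2.10 "$trusted" && echo "192.0.2.10: pinned key is current"
rm -f "$kh"
```

Only the entries reported as differ need ssh-keygen -R; if the key on the console does not match what the server presents either, the warning should be treated as real.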
I will add a command every time I search and use something.
root@eve-ng:/opt/unetlab/tmp/0/085884f1-7807-492d-814f-7b588fd1892c/1# ls
cdrom.iso hda.qcow2 l1down_1 l1up_0 mon-sock mon2-sock qmp-sock wrapper.txt
A needed command to make it work as configured
root@eve-ng:/opt/unetlab/addons/qemu/linux-centeros-8# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
May 01 07:09:28 May 01 07:09:28 Online Check state: Valid
All done. CentOS is ready to go. We will now add a couple of nodes to confirm that CentOS is working.
Step 14. Verify that CentOS is working
Add a total of three CentOS
Power-on all
All 3 can power-on …
Step 14. Configure and Manage Network Connection using nmcli