opennac live setup lab01 using a cisco2960

hi this is cherry North Alaska from the roof open neck and today we are going to show you how to install open AG life I mean is download the Oba file and installed in a lab environment and then you can test the main functionality to you that we have preparing open neck okay first at all let me show you what is the architecture that we want to sorry detector that we want to create we have here the wiki documentation setup am installation from built on appliance and that we want to set up is this detector we need a disco switch or extended wall switch okay this case I’m using a Cisco 2960 I’m going to use brittle boxes virtualization video melt and we are going to use a PC with Windows XP in this case half a BNC connection using the Wi-Fi we are going to use the cable in order to set up and I’m going to administrate from my laptop itself okay fist at all that we need to do is need to download we connect to open up the door to download now link and here we can download built on appliance source or a p.m. ok in this case we’re going to use the Oba file okay this case this is the one that we want to do it I have already downloaded in my laptop okay and that we can do is open the Dropbox manager go to file import fires we don’t need floppy max then start the import procedure okay why it is important we can review here two things what are the logical architecture okay we are going to define for villains okay service villain registered villains and Quarantine villain and a management bill and that is the villain wonderful one everything in the in this case everything is using the one eternal physical Ethernet ok-jung using logical interfaces with peanuts inside status this here is to change the full name in this case this is the NOC 28 right up okay and need war we need to see that we have a bridge adapter and with the physical Ethernet that is this one okay we’re going to start now this is starting and something that

I have here is half a mini cone with the Cisco switch okay let me show you show in coffee the most important part of the configuration the difficult rotation and accounting to figuration okay this configuration is in the wiki page this is the trunk port this is the port that we are using to connect my laptop to the switch okay this is the Train port here we have defined the identification using 802 dot 1x and other important things of the configuration page is that manage may belong and this is the IP where the switch is going to connect to the radius a – this is the P that we are going to use to administrate the radius open knock administration okay we have just started the BM default password is open up okay here we have the link of the documentation the wiki and what is the text we said in order to set up the interfaces open interface okay okay admin interface in my case is to the 2p okay what is the service interface 313 okay this is the need water that you have define a service interface things good just a good way this is the DHCP range it’s not very big because of it is a test okay this is the IP that we want to provide to open neck in the service belong to put this one thank you for bein s quarantine belong Quentin mid-walk did we arrange the same for the registry and the drone and now the interface is going to be up with physical and here we have the logical form the similar balance that we have already defined okay now it is configure let me check if I can access okay in my case my laptop has similar interfaces but we have in the default VLAN we have an appeal at least this one in 10 we can access to okay probably came out of DNS and open work as default okay we are here and that we need to do now is we are going to connect to the management portal to the 2/3 / and administer fault user and open night as before possible

okay we are here is the initial system check okay database is the default parameters of the station info before parameters this is TP of the switch in my case too yeah yeah this is the IP in mm1 215 this SNMP communities this disco big poor that we are using is one you see this admin my password and my enable safer next wait this is the information that we have set up in the previous with that we can fail yes we confirm yes service belong yes okay and now it is configure with and check that all configuration is in place we can go to the HCP and we have here a DHCP D okay we have the content poles reducible and users for some review users pool we can see that this is the information that we have set up before boot and my BM is rebooting and now we can review while it is rebooting what is the configuration that we need to set up in the client in this case ok this is a Windows XP ok this isn’t a Spanish we need to use this service ok I suppose that it should be something like automatic configuration for wide networks should be started as soon as it is a started 10 we can come here properties will have this tab we need to Mabel the identification by hedalin– 2.1 x hearing the configuration ok we haven’t set up a valid certificate for home service so or radius server 10 we need to uncheck this validate the server certificate and we have here this configuration ok we are not doing single sign-on time we need to disco figure this option cancel here you need to cancer ok is to see if it is started yeah it already started and then we can you okay we login again status okay we can see that we have our first collection this case is the laptop this is the mat this is the P that we have sent this is the IP of the switch this is the port for the team okay what is the data what is the belong what is the rule that has been applied in this case what this is in color orange because the device is not registered okay having tried notification using the Mac and as it is not registered and we have offer belong of registry here and we can go okay we can we need to access

directly to the P of registry because we are using here connection we are using the Wi-Fi in order to access to the VNC server but in a normal environment we can put here any IP any URL and tell the captive portal will show this we show this portal locate is the register portal and we can access as a guest we can access as a registered user in this case I’m going to use this reducer open up and then I can do stanchion and have the ability to okay this is my doctor laptop okay and is a common except use policy we’ve safe okay now as you can see the cable has been disconnected this is an automatic action that open-neck do because that we want is to reforge a new identification to the nack system okay if we see for example we can change here or we can see here that we have found in the game and if we see the interface status right now it is the default interface because it is doing the identification this still doing identification because the suite needs to wait for some time before the switch do the identification let’s to review what is the status here it is not the steel they take but for example something that we can review here is that in user devices okay you have the new device that is already register okay as you can see is the user the one that can register new devices okay now we’ll have notification done means that probably now it has okay yes the villain has changed because now it is identification I’m probably fit we come here and the refresh yeah we can see that this is the user ok the data it has not still an AP because the DHCP client of the Windows XP one request maybe but here you can see that they need wood is already set up yeah okay here the problem is that probably we need to force an MEP yeah and we have the new EP in yes okay

we can see that this is the T is the port and now is black because it is a registered device okay this not using user identification now we can configure a user identification that it should be something like that properties identification I say okay we want to enable it and now okay I need to put my login password this case okay can we check what is they pick another half now you have the same a peel if I come here I will see that this Mac Alf will disappear okay why because we are using now the user identification in the in the soapy completely okay okay I think this is an a small lab using open knack of course this is only the principles we will create new videos in the next few days and weeks in order to show all the power that we have create with this it would access control tool okay let me only remind that you can access to read mine side you can go to registry and you can access and you are called here and then you can collaborate in Oh community and okay it’s to provide us feedback about the tool and what you need in order to put in production and any comment will be work ok bye and thank you for watching us you