User Login      + Register  

Secureoffice Virtual Machine  SecureOffice  xoops  29-Nov-2020 22:20  0  757 reads

Table_of_Contents

1      Install SecureOffice Virtual Machine

1.1                Configure SecureOffice Basic Networking

1.1.1      Disable VmWare DHCP Service

1.1.2      Configure SecureOffice WAN Interface

1.1.3      Configure SecureOffice LAN Interface

1.2                SecureOffice Full LAN Interface

List of Figures

Figure 1:       VmWare DHCP Service

Figure 2:       VmWare Network Bridged

Figure 3:       VmWare Network Custom

Figure 4:       Host Network Interfaces

Figure 5:       Host Network Configuration

Figure 6:       Bridge Eth2 To LAN

1      Install SecureOffice Virtual Machine

Users wishing to avoid the complexity, cost, time and effort of selecting and configuring real hardware or seeking instant gratification can run a pre-installed, free SecureOffice virtual machine. Later, once real hardware is selected and available, configuration can be backed-up and restored to real hardware. No hardware except a host PC or laptop running free VmWare Workstation is required. This approach provides a way to determine if you want to invest in hardware or to quickly proceed while waiting for hardware.

These instructions are for Windows users. Instructions are similar for Linux.

SecureOffice running as a virtual machine has the following limitations:

  • Since SecureOffice is not the primary router, it is running in LAN topology, requiring further network configuration of upstream routers and firewalls.
  • The ports forwarded in the above network configuration must be opened on the host PC firewall.
  • Virtual machines cannot run virtual machines, which means that the VmWare Workstation premium application cannot be used. It is possible to run other virtual machines (on the host PC) to provide webserver, email and other services. Later, once hardware is available, these virtual machines can be reconfigured, moved and run under SecureOffice using the premium Vmware Workstation application.
  • Extra configuration is required to use the SecureOffice LAN interface which can be a dedicated virtual network interface for the host PC only for configuration and services or, the LAN interface can be bridged to a real ethernet interface (USB ethernet dongle, ethernet card) to provide a generally available LAN for services.
  • No WiFi unless you connect a host PC WiFi card to the virtual machine and a Linux driver exists for it. If the host has only one WiFi card, host WiFi will be lost by connecting it to a virtual machine.
  • There will be a slight reduction in performance due to running as a virtual machine.

To acquire and install the SecureOffice virtual machine:

  • Install VmWare Workstation on a PC or Laptop. Installation instructions are located here.
  • Download the SecureOffice virtual machine from here. Unzip the downloaded archive (instructions here) to the desired directory location.
  • Open Vmware Workstation, select "Open a Virtual Machine", navigate to where you extracted the SecureOffice virtual machine, select "SecureOfficeVM-r13710.vmx" (revision may differ), select "Open". Do not run the virtual machine yet.
  • In the next section, the host PC network adaptors will be configured for SecureOffice internet access and to provide a dedicated host only interface for SecureOffice LAN.
  • Optionally, full SecureOffice LAN functionality can be configured by bridging to a physical ethernet adaptor (ethernet card or USB dongle) on the host PC.

1.1                Configure SecureOffice Basic Networking

This is the default virtual machine configuration. The SecureOffice WAN interface is bridged to the local LAN on the host PC provided by your upstream router. The SecureOffice virtual machine will be able to access the entire LAN and internet. PC's on the LAN will be able to access SecureOffice if the SecureOffice firewall is configured to allow it.

Only the host PC will be able to communicate with the SecureOffice LAN using the VmWare Workstation VMnet1 ethernet interface.

If full SecureOffice LAN functionality is required (for connecting multiple devices), add and bridge to a SecureOffice LAN ethernet interface (SecureOffice Full Lan Interface).

The SecureOffice LAN is (default) connected to host ethernet adapter VMnet1 which VmWare Workstation installs automatically. This adapter must be configured to automatically receive an IP address from the SecureOffice virtual machine.

1.1.1      Disable VmWare DHCP Service

The VmWare Workstation DHCP service must be disabled on the host PC to avoid conflicts. This will affect all virtual machines on the host PC, some of which may depend on VmWare DHCP. If this is a problem, there are two alternatives:

  • Leave this service enabled with the consequence that static IP addresses must be assigned to all SecureOffice LAN devices, including VMnet1 and devices connected to the full LAN interface.
  • Disable the service, assign static IP addresses to all ethernet (real or virtual) interfaces that virtual machines use.

DHCP service (for SecureOffice LAN devices) is provided by SecureOffice. This includes VMnet1 and any devices that are connected using the optional full (real) LAN interface interface.

To stop and disable the VmWare DHCP Service: "Start Menu -> Computer (right click) -> Manage -> Services and Applications -> Services" or search control panel for services. You will see the services control panel, as below (scroll down to VmWare DHCP):

 

Figure 1: VmWare DHCP Service

Right click on "VMware DHCP Services", select "Stop"

Right click on "VMware DHCP Services", select "Properties" and change "Startup Type" to "Disabled". Press "OK".

1.1.2      Configure SecureOffice WAN Interface

The SecureOffice WAN interface is bridged to the internet gateway ethernet interface on the host PC, sharing the host PC internet connection. This corresponds to interface "eth1" assigned as the WAN interface within the virtual machine.

Stop the SecureOffice virtual machine, if it is running (login user:"root", password:"admin_54321", enter "shutdown" from within virtual machine console). Start VmWare Workstation again, select, but do not run the SecureOffice virtual machine. Select "Edit Virtual Machine Settings". Select "Network Adapter 2 (Bridged)", "Configure Adapters". You will see something like the figure below.

 

Figure 2: VmWare Network Bridged

The settings should be as above except in "Automatic Bridging Settings" where the host PC ethernet adapter providing internet access (only one) must be selected. Press, "OK" twice.

1.1.3      Configure SecureOffice LAN Interface

The SecureOffice LAN interface is connected to the VMnet1 ethernet interface (created by VmWare Workstation install) on the host PC, providing a dedicated interface to the SecureOffice LAN. This corresponds to interface "eth0" assigned as the LAN interface within the virtual machine.

Stop the SecureOffice virtual machine, if it is running (login user:"root", password:"admin_54321", enter "shutdown" from within virtual machine console). Start VmWare Workstation again, select, but do not run the SecureOffice virtual machine. Select "Edit Virtual Machine Settings". Select "Network Adapter Custom (VMnet1)". You will see something like the figure below. This is the default SecureOffice VM configuration. Insure it is as shown below, then press "OK" to exit.

 

Figure 3: VmWare Network Custom

In Windows (on host PC), navigate to "Control Panel -> Network and Internet -> Network Connections". You will see something like the figure below:

 

Figure 4: Host Network Interfaces

Right click on "VMnet1", select "Properties", select "Internet Protocol Version 4", select "Properties". You will see something like the figure below.

 

Figure 5: Host Network Configuration

This sets your host PC (VMnet1 virtual ethernet interface) to receive a DHCP IP address from SecureOffice.

Change the "Preferred DNS server" entry as above (Google DNS) or, to your preferred DNS server. Click "OK"

If full SecureOffice LAN access (by devices other than your host PC) is required, skip to the next section.

Start VmWare Workstation, select, the SecureOffice virtual machine. select "Play Virtual Machine". If VmWare asks whether you moved or copied the virtual machine, select "I copied it". SecureOffice will boot.

Communication can be tested by (host command prompt): "ping 192.168.10.1" and / or entering the SecureOffice LAN address in the address bar of a browser to access the SecureOffice Luci configuration interface.

In subsequent sections, you will be using LAN network topology.

Proceed to OpenWrt configuration (skip following hardware installation steps). You are now ready to install extra packages and configure SecureOffice and your network for your own applications.

1.2                SecureOffice Full LAN Interface

The SecureOffice LAN will be bridged to a dedicated ethernet interface (device or USB dongle) on the host PC, allowing all devices (including ethernet switches / hubs) connected to it to have full access to the SecureOffice LAN.

The bridging is done by giving VmWare control of the network device on the host PC (Player - > Removable devices ->Device Name -> Connect) which allows SecureOffice to control the device natively. This requires a driver for the device to be installed on SecureOffice. For simplicity sake, it is assumed the device is a USB ethernet dongle. SecureOffice comes with pre-installed drivers for the following USB ethernet devices:

  • kmod-usb-net - Kernel modules for USB-to-Ethernet convertors
  • kmod-usb-net-asix - Kernel module for USB-to-Ethernet Asix convertors
  • kmod-usb-net-cdc-ether - Kernel support for USB CDC Ethernet devices
  • kmod-usb-net-dm9601-ether - Kernel support for USB DM9601 devices
  • kmod-usb-net-rndis - Kernel support for RNDIS connections
  • kmod-usb-net-rtl8152 - Kernel module for USB-to-Ethernet Realtek 8152 USB2.0/3.0 convertors

Start VmWare Workstation, select, the SecureOffice virtual machine. select "Play Virtual Machine". If VmWare asks whether you moved or copied the virtual machine, select "I copied it". SecureOffice will boot.

  • Connect your USB ethernet dongle to the host PC. Wait for it to be recognized and installed by Windows.
  • Using VmWare Workstation, connect the device to the virtual machine by selecting "Player - > Removable devices ->Device Name -> Connect"
  • Using Putty on host PC or other secure shell client, connect to SecureOffice LAN (open a command prompt) using address 192.168.10.1.
  • Login to SecureOffice (user:"root", password:"admin_54321"). At the command prompt enter "dmesg | grep eth2". If you see a line containing "eth2", the driver required (kmod-usb-net-asix or kmod-usb-net-dm9601-ether) is already installed.

If you do not see a line containing "eth2", the required driver must be identified and installed:

  • At the command prompt enter "lsusb". A list of devices containing entries of the form "ID xxxx:yyyy" will be displayed.
  • Do an internet search for "usb ID xxxx:yyyy" to determine the Linux driver required.
  • If the driver is not in the above list, get another USB ethernet dongle, start again and report the missing driver in the forum.
  • Install the required driver by entering "opkg update; opkg install [driver]", for example "opkg update; opkg install kmod-usb-net-rtl8152"
  • After the driver is installed and "dmesg | grep eth2" shows "eth2", the new ethernet interface can be bridged to the LAN.

Use the nano editor: "nano /etc/config/network". Add eth2 to the lan bridge as shown below, save the file and exit nano:

config interface 'lan'

option ifname 'eth0 eth2'

option type 'bridge'

option proto 'static'

option ipaddr '192.168.10.1'

option netmask '255.255.255.0'

option dns '192.168.10.1'

option ip6assign '60'

Figure 6: Bridge Eth2 To LAN

Enter "/etc/init.d/network restart" to have the changes take effect.

Connect another PC or laptop to the dedicated LAN interface (optionally via an ethernet switch or hub).

Communication can be tested by the PC connected to the new LAN interface (command prompt): "ping 192.168.10.1" and / or entering the SecureOffice LAN address in the address bar of a browser to access the SecureOffice Luci configuration interface.

In subsequent sections, you will be using LAN network topology.

Proceed to OpenWrt configuration. You are now ready to install extra packages and configure SecureOffice and network for your own applications.

Rating 0/5
Rating: 0/5 (0 votes)
Votes are disable!
Print article
The comments are owned by the author. We aren't responsible for their content.

Technologies Used:

Design by: XOOPS UI/UX Team