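# Installing the first GM

## Deploy the OVA template

Set up the OVA virtual machine on ESXi.
![image](https://hackmd.io/_uploads/SkTMj6KhT.png)

Select the downloaded OVA.
![image](https://hackmd.io/_uploads/r1tQiTYha.png)

Deploy OVA template: select a compute resource.
![image](https://hackmd.io/_uploads/rJ3X2TY2T.png)

Deploy OVA template: select a configuration. This step selects the appliance model; choose it according to your needs. The models differ in performance and specifications, for example the number of DNS queries per second (see the datasheet for details).
![image](https://hackmd.io/_uploads/Sy4rhTYha.png)

Open the console. The default credentials are admin/infoblox.
![image](https://hackmd.io/_uploads/rkiDhaK3a.png)

Use `set network` to configure the internal network settings, including IP, mask, default gateway and so on.
![image](https://hackmd.io/_uploads/Bk352at26.png)
![image](https://hackmd.io/_uploads/r1gjn6Kh6.png)

Use `set temp_license` to enable features. The temporary license lasts 90 days by default and cannot be extended after that. Enable 2, 4, 9, 14 (optional).
![image](https://hackmd.io/_uploads/HkVWaaKnT.png)

Log in to the Infoblox web UI.
![image](https://hackmd.io/_uploads/HJeo-ppK2T.png)

Remember to leave the checkbox unchecked.
![image](https://hackmd.io/_uploads/ryHzTTYha.png)

The first login opens the first wizard. Configure the first appliance as the GM.
![image](https://hackmd.io/_uploads/ry2fT6Kn6.png)

Set the name and password; the default is "test". The hostname can be changed.
![image](https://hackmd.io/_uploads/rJu76ptna.png)

Confirm the interface information; after that you can click Finish directly.
![image](https://hackmd.io/_uploads/By0Xpptn6.png)

## Install the Reporter

Note that it needs one additional disk.
![image](https://hackmd.io/_uploads/HJlSCpt2p.png)

Log in to the console (default admin/infoblox), run `set network` and enter the relevant information.
![image](https://hackmd.io/_uploads/SJNQHkq2T.png)

Run `set temp_license` and press 4 to first set the model to reporter (item 16).
![image](https://hackmd.io/_uploads/rJYjpTKnp.png)

A prompt appears saying the space needs to be 250. The temp license lasts 60 days.
![image](https://hackmd.io/_uploads/HJ17yCFhp.png)

Next install the grid license: run `set temp_license`, choose option 2, and answer y three times in a row.
![Screenshot 2024-02-26 164706](https://hackmd.io/_uploads/H1tbaRFha.png)

## Log in to the web UI

Log in to the Infoblox web UI.
![image](https://hackmd.io/_uploads/B1RBA0Yh6.png)

Remember to leave the checkbox unchecked.
![image](https://hackmd.io/_uploads/S1vLAAY2p.png)

The first login opens the first wizard. Configure the first appliance as the GM.
![image](https://hackmd.io/_uploads/ByDvRCFhT.png)

Set the name and password; the default is test. The hostname can be changed.
![image](https://hackmd.io/_uploads/Sk-dA0F2a.png)

Confirm the interface information; after that you can click Finish directly.
![image](https://hackmd.io/_uploads/H1OlJyq2a.png)

## Enable DNS

In Grid, configure the DNS Service and click the play button to start it.
![image](https://hackmd.io/_uploads/B1vlMhThT.png)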
A dialog asks whether to enable the DNS Service; click Yes.
![image](https://hackmd.io/_uploads/HkN9f2T3p.png)

You can use the refresh control on the page to update the view.
![image](https://hackmd.io/_uploads/BkSaG263a.png)

Note that the status changes to Working.
![image](https://hackmd.io/_uploads/H1JgXh6na.png)

Enable recursion: in DNS Service choose Edit, tick Allow Recursion on the Queries tab, then click Save & Close.
![image](https://hackmd.io/_uploads/B1eqnls26.png)

After you click, a message says that no trust anchor has been configured yet and asks whether to enable it; choose Yes.
![image](https://hackmd.io/_uploads/ry4KQhT3T.png)

A banner at the top says the change requires a service restart and asks whether you want to restart.
![image](https://hackmd.io/_uploads/HJWxV3php.png)

Click Restart, then click Restart again on this screen.
![image](https://hackmd.io/_uploads/H1nQEn6np.png)

Configure the internal zone: go to Data Management -> Zone and click Add.
![image](https://hackmd.io/_uploads/rJsqhejna.png)

Enter the zone information. Under the plus sign, set ext primary & grid secondary; only then can internal DNS records be resolved.
![image](https://hackmd.io/_uploads/Sy8s3esn6.png)
![image](https://hackmd.io/_uploads/HyYo2ls3T.png)
![image](https://hackmd.io/_uploads/SyJ2hls3p.png)

## Add a Member

Select Grid and click Add.
![image](https://hackmd.io/_uploads/Byu0Co6np.png)

Select Virtual NIOS and enter the hostname.
![image](https://hackmd.io/_uploads/HyHMk1q36.png)

Enter the interface information and click Save & Close.
![image](https://hackmd.io/_uploads/ryTfJ19hp.png)

In the console, run `set membership` (note: the network settings should already have been completed in the Install the Reporter step).
![image](https://hackmd.io/_uploads/rkH7yJ93T.png)

When it finishes, you should see it reach the running state.
![image](https://hackmd.io/_uploads/H1WTlkq3T.png)

In the console you can see it check in with the grid master.
![image](https://hackmd.io/_uploads/SkMCu1526.png)

## Configure the RPZ features

First configure the Name Server Group. Create two entries, as shown in the figure on the right.
![image](https://hackmd.io/_uploads/rkK80nT3p.png)

External ext primary RPZ:
IP: 61.216.133.103
Key Name: TSIG-METAAGE
Key Algorithm: HMAC-MD5
Key Data: D5bU9A9GkKna6w4XH+vxiFSw3R9TBqMdh5umRPbO6Hq9CuANwHz8dpmWJYhXE8sUv0pwKyUkq8x8sKEExjBw3g==

For the internal Grid entry, specify the GM directly.
![image](https://hackmd.io/_uploads/Sk5Dvpah6.png)

The RPZ list is summarized in the table below. Thanks to @farmer87 for putting together the API approach.

| feed | rpz_name |
| --- | --- |
| AntiMalware | antimalware.rpz.infoblox.local |
| Base | base.rpz.infoblox.local |
| Bogon | bogon.rpz.infoblox.local |
| DHS_AIS_Domain | dhs-ais-domain.rpz.infoblox.local |
| DHS_AIS_IP | dhs-ais-ip.rpz.infoblox.local |
| NCCIC_Host | nccic-host.rpz.infoblox.local |
| NCCIC_IP | nccic-ip.rpz.infoblox.local |
| Ransomware | ransomware.rpz.infoblox.local |
| AntiMalware_IP | antimalware-ip.rpz.infoblox.local |
| Bot_IP | bot-ip.rpz.infoblox.local |
| Cryptocurrency | cryptocurrency.rpz.infoblox.local |
| ExploitKit_IP | exploitkit-ip.rpz.infoblox.local |
| Malware_DGA | malware-dga.rpz.infoblox.local |
| SURBL_Fresh | fresh-domain.surbl.rpz.infoblox.local |
| SURBL_Multi | multi-domain.surbl.rpz.infoblox.local |
| SURBL_Multi_Lite | surbl-lite.rpz.infoblox.local |
| TOR_Exit_Node_IP | tor-exit-node-ip.rpz.infoblox.local |

Configure the RPZ list.
![image](https://hackmd.io/_uploads/B1ROPpp36.png)

Configure the RPZ feed.
![image](https://hackmd.io/_uploads/SkDtPpa3a.png)

Assign the Name Server Group.
![image](https://hackmd.io/_uploads/BJ6tDpT3T.png)
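
The feed table above, turned into one request body per RPZ zone so the 17 zones do not have to be entered by hand. This is an added example, not @farmer87's API code and not Infoblox's. The group label `rpz-feed-nsg` is hypothetical, and the WAPI object and field names (`zone_rp`, `fqdn`, `rpz_type`, `ns_group`, `comment`) are assumptions to check against the WAPI guide for your NIOS version; the script sends nothing.

```python
import json

# Assumptions, not from the page: the group label below and the WAPI names
# (object zone_rp; fields fqdn, rpz_type, ns_group, comment).
NS_GROUP = "rpz-feed-nsg"  # hypothetical Name Server Group label
SUFFIX = ".rpz.infoblox.local"
# Rows copied from the table on this page.
FEED_TABLE = """\
| AntiMalware | antimalware.rpz.infoblox.local |
| Base | base.rpz.infoblox.local |
| Bogon | bogon.rpz.infoblox.local |
| DHS_AIS_Domain | dhs-ais-domain.rpz.infoblox.local |
| DHS_AIS_IP | dhs-ais-ip.rpz.infoblox.local |
| NCCIC_Host | nccic-host.rpz.infoblox.local |
| NCCIC_IP | nccic-ip.rpz.infoblox.local |
| Ransomware | ransomware.rpz.infoblox.local |
| AntiMalware_IP | antimalware-ip.rpz.infoblox.local |
| Bot_IP | bot-ip.rpz.infoblox.local |
| Cryptocurrency | cryptocurrency.rpz.infoblox.local |
| ExploitKit_IP | exploitkit-ip.rpz.infoblox.local |
| Malware_DGA | malware-dga.rpz.infoblox.local |
| SURBL_Fresh | fresh-domain.surbl.rpz.infoblox.local |
| SURBL_Multi | multi-domain.surbl.rpz.infoblox.local |
| SURBL_Multi_Lite | surbl-lite.rpz.infoblox.local |
| TOR_Exit_Node_IP | tor-exit-node-ip.rpz.infoblox.local |
"""

def parse_feeds(table):
    """Return [(feed, zone)]; reject malformed rows, odd suffixes, duplicates."""
    feeds, seen = [], set()
    for row in table.strip().splitlines():
        cells = [c.strip() for c in row.strip().strip("|").split("|")]
        if len(cells) != 2:
            raise ValueError(f"bad row: {row!r}")
        feed, zone = cells[0], cells[1].lower().rstrip(".")
        if not zone.endswith(SUFFIX) or zone in seen:
            raise ValueError(f"unexpected or duplicate zone: {zone!r}")
        seen.add(zone)
        feeds.append((feed, zone))
    return feeds

def zone_rp_bodies(feeds, ns_group=NS_GROUP):
    """One request body per feed zone, in table order; nothing is sent."""
    return [{"fqdn": zone, "rpz_type": "FEED", "ns_group": ns_group,
             "comment": f"feed: {feed}"} for feed, zone in feeds]

if __name__ == "__main__":
    for body in zone_rp_bodies(parse_feeds(FEED_TABLE)):
        print(json.dumps(body))
```
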