INSTALL EBOX STEP by STEPEbox is a fantastic tool once it's up and running. For some, especially those without much linux experience, installing ebox can be somewhat challenging. As a result, I've decided to write a quick HOWTO covering a typical ebox installation.
Prerequisites:1 Computer or server (old or new)
2 Network cards (They will be referred to as "eth0" and "eth1")
1 EBOX install CD burned from ISO.
1 Active Internet connection (DHCP or static)
1 CD-ROM drive (Set as default boot device)
Assumptions:This computer will act as the primary gateway for the local network
eth0 will be the WAN connection (Internet facing connection)
eth1 will be the LAN connection (Local Network) with an IP of 192.168.1.1
Ebox hostname will be DEMONET-SRV
Ebox will provide DHCP to the local network with a range of 192.168.1.100-150
Ebox Windows Domain name will be DEMONET
Ebox domain name will be DEMONET.LAN
EBox will allow all outgoing connections
EBox will provide DNS services for the local network
Administrator username: demoadmin
Administrator password: not2forget
Ebox Password: not2forget
Ebox admin port: 443
Initial Install:Once you have successfully burned an ebox ISO, you are ready to begin installing. Assuming you already have a functioning network in place with DHCP services, the easiest way to install is using DHCP from your existing network. No need to unplug that old linksys router...Not yet anyway.
Plug into your existing DHCP network via the WAN (eth0) port on the server. I know this seems backwards since you are on a local network, but it's easier to setup eBox from the outside->in than it is from the inside-> out.
Next, power-on and boot from the CD-ROM. Select "Install Ubuntu Server" and answer the generic setup options until you are asked to choose a network interface to configure.
Choose eth0 - If your network support dhcps it will automatically configure itself. If it doesn't, perhaps your cable is actually plugged into eth1. If this is the case, go ahead and move the cable to your second port. If it gets an IP be sure to label it eth0 or WAN. Personally I always label my ports WAN and LAN to avoid confusion later.
Choose a hostname:
DEMONET-SRVChoose your timezone:
timezonePartition your Disks: Choose "entire disk" unless you feel comfortable partitioning. Select LVM support if you plan on adding more disk capacity later.
Please note: This configuration does not provide any type of RAID. I generally use hardware RAID cards so it is transparent to the operating system.
After some time the disk(s) will be formated the system will reboot and ebox will begin to download it's packages.
Create an admin user:
demoadminCreate your ebox password:
not2forgetEbox port:
443Go get a cup of coffee....when you return ebox should boot up normally with a "
demonet-srv login:"
Post Install:Login using the "demoadmin" username and "not2forget" password.
Now verify your eth0 ip address:
#ifconfig
demoadmin@demonet-srv:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:b0:a1:20
inet addr:192.168.1.81 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::230:48ff:feb0:a120/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:86 errors:0 dropped:0 overruns:0 frame:0
TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13536 (13.2 KB) TX bytes:19600 (19.1 KB)
Base address:0x4000 Memory:d0a00000-d0a20000
In this case the IP of the new ebox is
192.168.1.81Setup LAN IP address:Next, from a
DIFFERENT computer log into the new ebox via the web interface:
https://192.168.1.81If all you get is "It works!" then you do not have the http
s://. Also, you will get certificate errors or warnings depending on your browser, ignore them or "add an exception" if you need to.
Login using the Ebox password: net2forget
Choose Network-> Interfaces from the Admin menu and select
eth1 (LAN):
Name:
LANMethod:
StaticExternal:
uncheckedIP Address: 192.168.1.1 (Don't worry if you are behind a router with the same IP, it won't matter at this point...nothing is plugged into the port)
Netmask: 255.255.255.0
Select "Change"
Select "Save"
Select "Save changes" in red. (Click the green arrow on any file change requests)
Finally,select "Summary" from the menu and you should be able to verify you LAN interface with the 192.168.1.1 IP address.
Setup NTPSelect
Module status->ntp"checked"System->Date/Time->Time synchronization with NTP servers-> EnabledSetup DNSDNS->Add newDomain:
demonet.lanActive DNS:
Module status->Domain Name System "checked"Setup DHCPDHCP->MenuSelect: eth1Common Options:
Default gateway:
eBoxSearch doamin:
eBox's domain:demonet.lanPrimary nameserver:
local eBox DNSSelect
"Change" Under
"Ranges" select
"Add new"Name:
WorkstationsFrom:
192.168.1.100To:
192.168.1.150Select
"Add"Activate DHCP:
Module status>dhcp server "checked"Setup users and groups:Groups-> Add groupGroup Name:
StaffComment:
Demo StaffSelect
"Change"Users--> Add userUser name:
testFull name:
Joe testComment:
testPassword:
not2forgetGroup:
StaffSelect
"Create"Activate users and groups and file sharing
Module Status->Users and Groups "checked"Setup Windows File sharingFile Sharing-> General SettingsWorking Mode:
PDCDomain Name:
DEMONETNetbios name:
DEMONET-SRVDescription:
Demo ServerQuota limit:
0Roaming Profiles:
DisabledSelect
"Change"Activate File Sharing:
Module status->File Sharing "checked"Select the
RED save changes to apply all the changes you made above.
Select "
Save Configuration"That completes the local services, we are now ready to let this server stand on it's own!
WAN Setup:IMPORTANT: Begin by removing the eth0 cable used to configure your eBox on the local network.
Next, plug in a cross-over cable or a small switch connected to the LAN (eth1) port of your eBox to a local network desktop or laptop. This device should not be connected to any other networks other than the new ebox network (via eth1) at this point.
If configured properly your laptop/desktop will automatically get an IP address from the new ebox server (Most likely 192.168.1.150).
Now access the ebox server (from the client device)
https://192.168.1.1
Select Network-> Interfaces>Tab:eth0**ENTER YOUR ISP IP INFO HERE**Name:
WANMethod:
Static (Your ISP may be DHCP, but ebox works best with static addresses...DHCP will work though)
IP adress:
10.10.10.1Netmask:
255.255.255.0External:
"Checked"Setup a gateway:Select Network-> GatewaysSelect
"Add new"IP address (ISP provided):
10.10.10.2Interface:
eth0Default:
"checked"Select
"Change"Setup Firewall:This will allow all outgoing connections to the Internet. (eBox is secure by default, it is up to you how much access you want to give....for this example we will "allow all" outgoing connections)
Activate Firewall:
Module status->Firewall "checked"Select Firewall->Packet Filter->Filtering rules for internal networks->Configure RulesSelect
"Add new"Decision:
AcceptSource:
AnyDestination:
AnyService:
AnyDescription:
Allow all outgoingSelect
"add"Go LiveYou can now safely remove your old Internet firerwall/gateway and plug you ISP ethernet into your eBox WAN port (eth0). If you everything is correct, you should be able to access the internet and see you new server on the network.
I hope this helps.
-Jim