How to run eve-ng in GCP 2021 version | Infini Tech | Skillshare

Playback Speed

  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x

How to run eve-ng in GCP 2021 version

teacher avatar Infini Tech, Network, Security, and cloud Fan

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Lessons in This Class

9 Lessons (51m)
    • 1. Welcome

    • 2. Eve-ng what is it

    • 3. Setup eve-ng in GCP

    • 4. Creating the configuration

    • 5. Create a VM to test

    • 6. Setup eve-ng to allow VM's to connect

    • 7. Create a ubuntu VM

    • 8. Setup SSL on eve-ng

    • 9. Thank You

  • --
  • Beginner level
  • Intermediate level
  • Advanced level
  • All levels
  • Beg/Int level
  • Int/Adv level

Community Generated

The level is determined by a majority opinion of students who have reviewed this class. The teacher's recommendation is shown until at least 5 student responses are collected.





About This Class

This course will show student how to deploy eve-ng in google cloud platform. This solution can be used in lieu of using under-powered virtual machine running on  personal windows or mac device. This solution allows the user to resize the eve-ng virtual instance on the fly to accommodate different practice scenarios for your testing. It can be used to practice for different simulation scenarios.

EVE-NG community edition is the free version of EVE-NG. Even thought it's free, it's capable of running 63 VM instances. You can leverage google cloud to allow you not to rely on hardware.

EVE-NG community edition is the defacto standard for people learning networking and other systems related topics.

The guides on how to setup EVE-NG to give you the optimal configuration is not really a topic that a lot of people know and there is a lot of confusion about.

This class shows you the detailed steps that you can take to configure a Ubuntu 16.04 server with the eve-ng software and the configuration needed on the vm to allow it network connectivity to both Google Cloud VMs and the Internet.

The class covers:

  • How to setup eve-ng in GCP.

  • Configuring the eve-ng community edition to allow your eve-ng instances to access the Internet.

  • Configure a golden ubuntu image.

Meet Your Teacher

Teacher Profile Image

Infini Tech

Network, Security, and cloud Fan



I am a learner and a teacher who is passionate about technology including topics covering network and network security. I am fond about next generation firewall products as well as both learning and teaching.

See full profile

Class Ratings

Expectations Met?
  • Exceeded!
  • Yes
  • Somewhat
  • Not really
Reviews Archive

In October 2018, we updated our review system to improve the way we collect feedback. Below are the reviews written before that update.

Why Join Skillshare?

Take award-winning Skillshare Original Classes

Each class has short lessons, hands-on projects

Your membership supports Skillshare teachers

Learn From Anywhere

Take classes on the go with the Skillshare app. Stream or download to watch on the plane, the subway, or wherever you learn best.


1. Welcome: I am happy that you are visiting my class. This class is focused on how to set up event G in Google Cloud so you can set up lab environment. Event G is the most widely used software and is used by students of the Cisco CCNE exam and others. Event G has a graphical movie that allows you to easily drag and drop VMs and connect them to the network. This would allow you to test and learn networking, system administration and the mole. In this class, I will show you how to run event free version in GCP. Do you can also benefit from Google 300 dollars credit if available to get you to practice in lab things for free. That's the focus of this class. Let's get started. 2. Eve-ng what is it: Getting an on-demand lab environment really comes in handy if you are studying for any technology topic. Event G is a virtualization solution that allows you to visually set up virtual machines. It's kind of like VMware, ESX or Linux KVM. This solution is commonly used by people who are preparing for Cisco certification, Microsoft certification, or other certifications. Most eventually users like the solution because of its ease of use to you can create times as you like, do you can drag and drop the VMs. Do you can easily connect the VMs to the network. All this can be done in a GUI format. It's way similar to when you are creating a Visio diagram. You can drag and drop objects into the Canvas. Do you can easily add and delete Virtual Machines. Let me show you here. For example, I am going to add a Windows virtual machine here. I can easily right-click on it and change it. I can easily change the number of interfaces or the number of CPUs presented to the VM RI can change the memory, and I can add nodes easily. I can right-click in the Canvas and click node. I can add any of those nodes. If I have the VM configured in the event G appliance, right now I have only windows configured. Let me change this machine to have two Ethernet interfaces. Now I can easily connect the two VMs together. I can also add a bridge and use that bridge to connect the virtual machines together. I can click on the bridge and drag to connect the bridge to the virtual machines. The flexibility of dragging and dropping virtual machines as you wish is amazing. I can add a test note as well. Event G comes with a virtual PC that allows you to add nodes easily. Those don't require any images and would allow you to easily test connectivity. The flexibility that you have with this event G solution allows you to practice different things for your learning experience. What are the options of running event G? Do you can run event G on physical hardware that is capable of virtualization. In this case, this is called bare metal installation. And in order for you to run it on bare metal, you need to have capable hardware. Typical PC's have eight cores. You can also spend on upscale computers and get a higher count of CPU cores. You can spend more money and get the 16 cause machine. But at the end of the day, this will cost you a pretty penny and you might not even be actively using this on a constant basis. Let's do a search in eBay on a 16 core server, for example. Do you can find cheap servers that have 16 cores. However, those servers are loud and noisy and they consume a lot of power as well. If you live in an environment where you don't have the flexibility of running a server that's loud. Also, if you don't want to deal with the power consumptions, it takes power to run those servers. Do you can have a machine like this, but that is costly, right? It has cost associated to it. Do you have the cost of the hardware and the cost of power? Do you also have the issue of noise to deal with? Do you have many disadvantages of running IV NG on physical hardware? If you want to buy a PC and use it for event. This would be an example that's an HP Server with 16 gig of RAM and 128 gig SSD for $549. Well, There is cost associated with buying hardware and running the hardware. The other solution is to run it as a virtual machine on your desktop. Most people on average have four CPUs and eight gig of RAM. If you want to run the event G on a VirtualBox or VMware workstation, your PC will not have enough power to be able to run a lot of VMs. You can still run the event JVM. However, it's not going to have enough power to be able to practice for your CCNE. If you add two switches to VMs, to Cisco, CSR's, that's basically going to bog down your machine to the point that you cannot use it. So what's the alternative? The other solution is to run it on Google Cloud. The nice thing about Google Cloud is that you can easily customize your machine to what you're testing. For example, this machine right now has one vCPU and four gig of memory. And if I'm testing something and I need to run more CPUs to be able to support five VMs. In that case, I can stop the machine. And then once it is stopped, I can easily change it from one vCPU to four CPUs or eight. This would be a very simple. And then Google Cloud also give you a $300 credit that you can use for the first year. So you have $300 that you can use. And typical Google pricing is as follows. If you run a VM that's one week CPU and four gig of memory, that would cost you around $0.04 an hour. And they also do per second billing. If you have the free tier, you can go up to eight CPUs and 30 gig of memory, which costs $0.38 an hour. Say you're going to be using Google to practice the $300 divided by 38 cents. You can have 789 hours to practice. Divided by 24. That's 32 days practicing. You can have that VM running for 32 days out of the first year. And that's probably more than enough to not justify buying hardware. You can run the VM on Google Cloud and practice using event G for many hours for free. Anytime you want to increase the number of CPUs, you can stop the machine. Do you can then edit the machine and increase the number of CPUs. You can then change it and customize it. Since this is the free tier, you can go up to eight CPUs and 30 gigs of RAM. Basically, you can stop and restart the machine. And you would have the ability of running this many vCPUs without basically having additional costs. When you set up Google account, you get the free credit that you can use across the first 365 days. So that's pretty nice. So what are the event G software version? There are different software levels. There is a Community Edition and also there's a paid version. In this class. I'm going to show you how to run the community edition on Google Cloud, which will basically not cost you anything for software. What are the different editions? And what are the features? So if you compare editions, you can run up to 63 nodes on the community edition, which is the free edition. Do you can go up to 10, 24 nodes on the professional edition, which is overkill, like if you're studying for CC and a CCMP or CCI is 63 nodes is more than enough. Do you can easily use Google Cloud save money? Practice for 32 asks for free. Do you can even increase the number of CPUs to be on date CPUs. This would require you to change your subscription to the paid subscription. You can go up to 64 vCPUs and 240 gig of RAM, which is probably overkill. You can run 63 nodes very easily. It costs $3 an hour to run it this way. But this is way cheaper than buying hardware. Let's say you're doing a lab. If you are going to study for four hours, that's $12. Most solutions that gives you the ability to rent labs is going to cost you more than that. Let's see here. What can you run on event? Do you can run Cisco ASA, you can run F5, you can also run Cisco eyes. Those are basically templates for different virtual machines that you can run an event. In order for you to run any of those virtual machines, you would need to have the software itself. Event G doesn't come with any software. Event. You just basically gives you the ability to install the VM image from different vendors and run it in your lab for testing. Event G also has a lot of how to then guide. 3. Setup eve-ng in GCP: Google Cloud is very generous and if you open a new account, they give you a $300 credit. Google Cloud is pretty much the only Cloud platform that allows you to have one year of free trial with the $300 credit. The free trial allows you to run pretty much any software available under the Google Cloud Launcher. This includes things like Palo Alto firewalls as well as Cisco, CSR and mole. And you have a $300 credit to use for the period of one year, which is pretty generous and pretty nice for people who are studying for their CCNE or studying for other certifications. Now, the conditions to have a Google Cloud account is for you to provide your real name and your phone number where you can get send a text message from Google. And then you would need a credit card that is valid. They will not charge your account. However, they will keep your credit card on record in case you go over the $300 credit. If you go above the $300 credit, what happens actually is that Google will basically stop you from running additional VMs. They will ask you to activate your paid account. It's kind of a safety measure. In reality, do you cannot really exceed the $300 credit without Google getting your approval? And the cost is pretty reasonable when it comes to running the Google VM under the paid account. So it's a nice solution for you to be able to practice and kick the tires without getting charged. The first thing you have to do is when you want to get the Google Cloud account, you basically have to click on the try it free. Once you have the account, you would need to do the first step, which is to download the SDK. So the SDK is needed for us to be able to interact with Google via CLI and create the VM that we will use for ENG. To get to the SDK, Let's run a Google search to find it. Do you can download the SDK for Windows, Linux, and Mac. The Google Cloud SDK would allow you to run PowerShell commands against your Google Cloud account. So most people use Windows. You can click on Install for Windows and just download the software and run it. And then once you run it, you will need to open up PowerShell. Powershell is available on Windows and typically has an icon. You can click the Windows icon and search for it as well. Do you need to run it as administrator? Then you would need to run the command GCloud followed by a space, followed by ADH, and then login. It's going to ask you to allow the Cloud SDK to access your Google account. It's going to ask you to allow it access to your account. And then once you give the permissions, it's going to basically tie your account to the PowerShell configuration. And then once it's tied into the PowerShell configuration, you can go to the PowerShell and then use PowerShell to configure Google Cloud resources. But one of the things that is probably best to do is to create a new project. You can click on the drop-down and then create a new project. This new project can be used for your event G testing. Do you can have up to 24 projects with your free account. So Projects allows you to differentiate between different configuration that you have and it's better to create event in its own project. So we are going to create event G1. And then once you click Create, it is going to create the project. And then once it creates the project, basically it will assign a project ID. This project ID can be configured in the Cloud SDK so you can issue commands and provision resources in this project. So I will copy the ID. And then I am going to go to the command prompt. I am then going to issue the command G Cloud Config, Set Project and then follow this by the project name. Now PowerShell is tied to this project. The commands that you will issue will be executed against this project that you just created. So if we switch to the project that we just created here, even G1, now it has no VMs on no instances. The first thing you have to do is you clone the image of Ubuntu 160 for which Eve NG is built on. Do you clone the image into your own image name? And then you enable the hardware virtualization that allows you to run nested virtualization, which is a VM within a VM. Because you have event G as a virtual machine running in a virtualized environment. You can connect them to each other and create your own virtualized environment where you can test your CCNE, your Palo Alto, whatever software you want to test. 4. Creating the configuration: We will see how to clone the VM image from the standard one to 1640 image in Google Cloud. And then we will enable the virtualization extensions. And this would allow us to create a VM that is capable of nested virtualization. That means a virtual machine within another virtual machine. We need to go to PowerShell so that we can issue commands against Google Cloud. The Google Cloud SDK was authenticated in the previous lecture. Basically, you need to run the command G Cloud compute images. We are basically going to create a new image, and we are going to call the new image event G image. We will source the image project from Ubuntu OS Cloud. And then in the source image, we will specify family who went to 16 or four dash LTS, which stands for long-term support. And then we have gone to basically use Google API extensions that allows for us to run nested virtualization. We will basically enabled VMX, which allow us to run virtualization. So G Cloud compute images create event G image, that's the name of the image. I didn't type the word project correctly. And in the licenses parameter, this enables the VMX extension. It's going to take a minute here and then it should show up that it created the clone image. So let's see. It takes a little bit of time. So this shows that the image was created and cloned out of the Ubuntu 1600 for long-term support. And it shows the project number that we have created in the previous lecture. So now what do you need to do is go to Create under VM instances. And then we will create an instance. We'll call this event G. And you can use the region that you want. I will use US Central. And then we will customize it. We will customize the CPU platform and choose Intel sky Laika later. Those CPUs have the capabilities of doing virtualization. And then you will basically specify the boot disk. We have to change the boot disk to the custom images, which is the event G image that you created. Now, it's also very important that you create a persistent that has enough space to accommodate the different VMs that you are going to create an event G. So personally, 300 gay guy I think is sufficient. You can attach another disk if you need to down the road. But it's important that the main disk has enough space to run the different projects because you can attach another disk and then put your working folder there. But the folder that is used for the Temp folder, which is the main place where event G stores the working VM images. It has to be on the main drive. So click select on that. And then one very important step that you have to do is under networking, choose the region that you want. You can use the default region. This is basically a network that's created. But one more very important thing that you need to make sure you do is to enable the IP forwarding. Because if you don't have IP forwarding, you will not be able to send traffic from Google Cloud VMs to this VM. It is important that you have this checked in Enable. Now primary internal IP. I prefer to use it as customed to specify the IP address. This way when I add routes down the road, I know where to send the traffic to. I will specify 10 128 dot dot. You can add custom routes to forward traffic from other VMs to the event GBM. That's why you have to enable the IP forwarding. This IP is going to be used to forward traffic to the event GBM. If you need to. Keep in mind that the IP forwarding can only be set as you create the image. Do you cannot modify the setting afterwards. And one more thing we can do is enable the serial console. This way we can connect to the console to check the status. Also, this comes in handy if you want to troubleshoot anything. 5. Create a VM to test: First thing we need to do is open that instance by double-clicking on it. Then we will open an SSH session to it. So we can do the installation of event G. Enable the console if you haven't done so. Click on the browser based SSH client. This should automatically log you in. Google handles transferring the SSH keys to the instance so you can get in through the web browser. Now issue the command sudo dash I. Now enter the command W gets followed by a dash capital or do you need to leave a space, then put in a dash, then a space. Then you need to enter HTTP tripled w dot PNG, dotnet, forward slash, forward slash install dash dot SH. Do you need to pipe that batch file to pseudo bash dash II. This is basically a script that the event G creator put together. It is going to go through the installation process. Let it finish install. Then we need to run sudo apt update followed by sudo apt upgrade. This will give us the latest updates. Here, we will need to install the package, maintain a version of drug. Then you would need to reboot. Let's go back to the SSH session and wait for it to boot up. The first time you boot, it will ask you to enter the root password. Then you would need to confirm it. Unfortunately, it looks like I didn't enter the password correctly. Now, select the address to be DHCP and select that you are connecting directly. Let's reboot again. Actually, let me change the root password this way I don't love myself out. I will sudo SU and issue the command bus WD and change the root password just in case. Now, let's reboot. Now, I will log in with the password I said earlier. First time the installation wizard launches. Since I didn't do it successfully the first time, it's prompting me again. Make sure you select DHCP and direct connection. Now it is rebooting again. Let's use the root password we just added. That's good. We are able to login. Now. We need to login through the web interface. Now, I will try to access it from http. Actually, I need to enable HTTP and HTTPS. Let's edit the instance and allow those two protocols. Now, let's try again. It looks like it's still saving the settings. Okay, it started working now. Now the first time you login, the username is admin and the password is IV. Change your password. Now verify that you can login. You should be able to get back in now with the username admin, and the password you specified. 6. Setup eve-ng to allow VM's to connect: Now we can SSH into the event G instance. There are some software to install. First do sudo apt update. Then do sudo apt install IP tables Dash persistent. This will be used to save the firewall rules that we will create. Now, we need to install the DHCP server software. Do sudo apt install IIS DHCP server. Now you need to enable routing on the event G VM. You can do this by enabling the parameter net dot IPV4 dot IP underscore forward equal one. By default it is set to 0. So by default to 12 doesn't do routing. Adding it to the file will ensure it is persistent through reboots. The next software we will install as ISC dash DHCP server. Now we need to edit the default slash IS C dash DHCP server. We will add in the interfaces parameter, the interface PPE net one. Now we need to set up an IP address pool. This can be enabled in the file. Let's see, slash DHCP, DHCP d dot conf. We will simply remove the remarks in the section for the subnet, then double 5. We will modify it to be a slash 24. We will set up the range to be from 2006 to dot 100. We will use the quad a DNS server from Google. In the subnet mask, we will change it to triple to 55. For the router IP address. This is the IP address of the PPE net one interface that we will create in a minute here. We will also change the broadcast address to be 10, double five-dollar to 55. The next step is for us to enable the service. This can be enabled with the command system. Ctl enable IS C dash DHCP server. We will also run the command system CTL daemon reload. Okay? The next step is we will add a dummy interface to use for us to bridge the next one. We will run mode probe dummy, which enables the dummy module in the kernel. We will add an IP link of type dummy. We will call it dummies. We will also issue the IP link set up device dummies 0. Now we have to put the full path. Those three commands are under the sbin directory. Let's update the C dot local and put the full path for those commands. We now need to open the app slash networks slash interfaces. We will set interface be net 12 static. Instead of bridging Ethernet 0, we are bridging to dummy 0. We need to actually set this to be interfaced. Dummy's not been at one. However, since we are bringing up the interface in our C dot locals, this line doesn't really matter. The interface PPE net one is the cloud one interface. We will be changing the bridge to be bridging to the dummy 0 interface. This is where you attach the VMs in event G to get Internet access. We need to set interface PPE net one to be static. Now we will specify the IP address ten W5 D21, with a subnet mask off tripled to 55. Let me review the configuration quickly one more time before the next step. Looks good. Okay. The next step is for us to configure the firewall rule to do network address translation. This is needed so that our VM instances inside event G can reach the internet. The command is IP tables dash T spaced Matt, followed by a dash a for append. This will be in the post routing chain. I will be specific after traffic gets routed from 10 double slash 24. If the egress interfaces be net 0, this means this traffic needs to be network address translator to behind the event G instance. Now I am just specifically excluding RFC 1918 in case you want to route the traffic to other networks. Oftentimes event G gets connected to your environment and other networks. So technically we need to do masquerading or hiding only if the traffic is destined to something that is not RFC 1918. Now we need to save this by issuing the command IP tables Dash save followed by greater than sign. The greater than sign basically output the IP tables to be saved in a file. We will output it to the file at C slash ip tables slash rules dot V4. Now let's get this file to verify. Looks good. Now it's time to reboot. 7. Create a ubuntu VM: Now let's create a VM inside event G, so we can test. I will create a Ubuntu VM. First, we will need to go to the Ubuntu website. Then find the Ubuntu desktop image. I will use version 18.04. Then we would go to the CLI of the event G server. We will need to use the command W get and then paste the URL. This will download the ISO for Ubuntu 18. Now we will switch directory to slash, do NetLab slash add ons slash Gamow. We will create a folder and call it line X dash, 12 dash desktop. We will use the Move command to move the ISO file from the home folder to this folder and rename the file to CD ROM dot ISO. At the same time. We will then create the disk file using the command camo dash image space, create dash F, followed by q CO2 for file type. Then the filename, we will name the file word IOA, which means driveway. The last parameter is the disk size. I will specify 20 gig. Now we need to run the fixed permissions command. Do you can Google it. The command is under OP, your NetLab rappers slash UNL underscore wrapper followed by a dash. Then the parameter fixed permissions. This fixes the files permissions so that event, you can run it correctly. Now we will log into event G and create a new lab. I will add a network type bridge, and I will tie it to Cloud one. This basically is the interface PPE net one we created earlier. We will add node and select the U12 node that we created. We will now connect the Ubuntu desktop to the bridge for Cloud one. Before the next step, let me log out and log back in again. I will use the HTML console instead of the native console. The HTML Console allows you to connect to the console of your VMs without any additional software. It will connect just using the web browser. Let's start. Now. I will go through the Ubuntu's setup. I will choose the default is pretty much for username and password. I typically use Ubuntu for both. This way, it's easy to remember. Now it's installing. 12 is my favorite desktop as it doesn't require any licenses. After finishing this installation, we will verify that we can get on the Internet from this VM. This would prove to us that our setup was okay and had no issues. Okay, Let's restart. Hit Enter so that it can proceed to the reboot. The working folder for the lab is under slash slash. Lash, each lab would have a folder. There is only one lab, so this folder is for the lab we just added. Now, each VM also has a folder. We have only one VM, so the Ubuntu VM is under Folder 1. Now we see that the disk file word IOA is 7.2 gigabytes. Let's login to verify we can get to the internet. Okay, I will open Firefox. Now. Let's go to Google. We are able to reach Google. Let's do what is my IP? We have the correct IP address, which is the IP address of the event JVM. Now, if we go under OPT slash you NetLab slash temp, we have Folder 0 followed by the folder of the lab. Each VM has a folder. Since we have only one VM, it's Folder 1. When we do ls, we see that the word IO file is 7.2 gigabytes. But if we go to the OPCW, NetLab and the camo folder for this VM. And we do ls, we see that the disk file size is only 193 k. So our changes of installing the VM operating system is actually just associated with the V&V created, but not with the node template. In order to sync the two, we have to run the command camo commit. We will need to go to the lab folder and the folder for VM1. We then need to issue the command KML commit against the word IO disk file. This will sync the node disk file with the template. Before we do this, we need to shut down the VM. Let's do that first. I have to make sure it is shut down correctly so we don't have an issue with that template VM. Let's go to the console of the VM login and properly shut down the VM. Now, I will issue the command camo image commit against the word IO file. It will take a while for it to sink. The file is nine something gigs. To check the status, I will open a different SSH session and do the list command on the template word aisle file. I see it's 7.5 gig. Now it's 7.8. It's still going. Now, it's finished. It returned back the message that the image was committed. Let's launch a new VM so we can verify it. I will add another VM of type line next to 12. Let's verify that that image is working. Okay. We are able to login to it. So we are good. Now we have a golden image for Ubuntu desktop. We can easily add to 12 desktop nodes as we need. 8. Setup SSL on eve-ng: Okay, we need to enable SSL encryption on the web interface. This way, our password doesn't get captured by other people. If someone is capturing and you don't have SSL enabled, they would be able to easily get your password and login to ENG. Without SSL, your password is in clear text and easily captured. The first thing we have to do is enable the module for SSL in Apache. This is using the command a2 and for enable followed by mod 4 module, then space, then SSL. We would then need to restart the service. We will need to generate a self-signed certificate using this command. This utilizes OpenSSL to generate a self-signed certificate. Copy and paste this section from the ENG website and let's restart the service now. We will go ahead and use HTTPS when we login. This way our password is protected. I will clear history and try again. Now everything is protected using SSL. So we are good. 9. Thank You: Hopefully you enjoyed this class. Feel free to ping me if you have any questions. Share with me. What were you able to create using event G in GCP, I'd love to hear how this solution help to you.