Cloudmylab KnowledgeBase
            Knowledge Base Cloudmylab CCIE-SECURITY Hybrid Lab LAB ACCESS GUIDE

            Hybrid Security v5 Lab Access Guide

            Introduction


            Cloudmylab offers a platform to run any lab topology. CCIE Security v5 lab has been adopted
            from
            various vendors and is built on the topology and configuration provided by them. We have designed this lab with customers and online forum feedback. The Lab topology mentioned below is mostly virtual and it aligns with Cisco’s CCIE v5 blueprint.


            Audience

            This lab guide is intended for the students who are preparing for CCIE Security V5 and wish to use our platform for practicing the CCIE labs.

            Disclaimer

            These labs have been designed and built by topology provided by vendors selling CCIE workbooks and online student forums. Cloudmylab is not responsible for the accuracy of the labs or workbooks. Cloudmylab does not endorse any CCIE workbook vendor or company. We have designed our platform per Cisco’s blueprint and it can be used for any lab scenario. Students will be responsible for loading any pre-configuration. Cloudmylab does not sell any workbooks or CCIE topology.

            Legal Liability

            Cloudmylab is an IAAS (Infrastructure as a service), PAAS (Platform as a service) and LAAS (LAB as a service) provider. Cloudmylab either owns or lease the equipment used in the certification labs or proof of concept labs. Cloudmylab uses all genuine software either procured or evaluation from the manufacturer. Cloudmylab encourages its users to use their own licensing and/or lease it from Cloudmylab. Cloudmylab doesn’t resell hardware, software or licensing. Cloudmylab has no liability for software and licensing used by the customer in their purchased service instance. Cloudmylab doesn’t endorse any Cisco Certification labs workbook Vendors. Cloudmylab doesn’t endorse any Juniper Certification labs workbook Vendors. Cloudmylab doesn’t endorse any Microsoft Certification labs workbook Vendors. Cloudmylab doesn’t endorse any VMware Certification labs workbook Vendors.

             

            Do's and Don'ts


            1. Do not restart the EVE-NG server with a running topology. This will corrupt the files.
            2. Do not power off the devices while they are booting up.
            3. We recommend using Mozilla Firefox for the best experience.
            4. Use Google Chrome while using
            Cisco
            ISE and Firepower devices. It gives better performance.
            5. Use Firefox for Cisco WSA and WLC.


            LAB
            WALK THROUGH
              VIDEO


             

            Lab Design


             

            The above topology has been built on EVE-NG community edition, ESXi, and real Hardware devices.


            This lab has following hardware components
            1. 1 X Cisco 3750-X/3650/3850 POE Switch
            2. 1 X Cisco 79XX Phone
            3. 1 X 35XX/37XX access point

            This Lab has following Virtual Components

            1. EVE-NG XL SERVER
            2. FMC, AMP CLOUD, and Cisco ISE are hosted separately outside of EVE-NG for optimized performance
            3. Virtual Windows wireless PC with Wireless NIC

             

            Getting Access to the POD

             

            1. There are two methods you can get access to the access detail as mentioned below:
            1. Login with the credentials provided


            1. Once you login you will see a customized Desktop from where you can access all the devices

            How to reset the lab

            Note: After resetting the lab, AD server and client PCs inside the topology will lose their IP addresses.

            Reset devices inside EVE-NG topology:

            1. Make sure you first turn off all the devices inside the EVE-NG topology. To turn off, hover your mouse on the sidebar and click on More ActionsStop all nodes.

            2. Select all the images. To select, simply left click on an empty region and drag the selection.

            3. Right-click on any selected image and select the Wipe Selected option.

            4. When prompted, click Yes.

            Reset FMC and FireAMP cloud:

            1. Log in to VMware vSphere using the credentials provided in the access email. If you are using a session-based access, please use the following credentials:
              IP: 192.168.130.31
              Username: student
              Password: [email protected]

            2. Select the guest virtual machine.

            3. Right-click on the guest machine, click on the Snapshot and select Revert to current snapshot.

             

            Reset Cisco ISE:

            1. On Secure CRT, close all the tabs before proceeding.
            2. Under Reset to Base folder, double-click on ISE-CONFIG or ISE-TS based on the topology that you want to run. This will start the automatic restoration of base configurations. 
            • Note: that this process can take several minutes. Please don't close the tab, it will be closed automatically when the restoration is finished.

            Manual Reset Cisco ISE:

            This section defines how to setup ISE manually for the lab use.  Please follow the steps carefully. 

            1. Go to Administration > Backup & Restore.
            2. Select from the drop-down menu for ‘History for Repository’.
            3. Select the lab you want to restore to. When prompted for
              the encryption key, type ISEisC00L and select ‘Restore ADE-OS configuration’.



            Reset physical switch:
            1. On Secure CRT, close all the tabs before proceeding.
            2. Under Reset to Base folder, double-click on HW-SW. This will start the automatic restoration of base configurations.

            How to reset the Lab Under 2 Mins


            How to start/restart EVE-NG VM

             

            Once you get the access to the Guest Desktop Environment

            1. Open Firefox, you will see following bookmarks
              • Restart Server
              • EVE | Login

            2. Click on "Restart Server" bookmark. Or, you can enter the link to restart EVE-NG given in access mail manually in Firefox's address bar.
            3. Click on
              "
              Restart" button.

            4. After that, you will get the following screen with 45 seconds countdown timer. Please be patient and wait for the timer to expire
              .(Do not reload the page)

            5. After the timer expires,
              following
              screen will appear. Click on "Click here" button to proceed.

            6. You will see the following window. 
              • EVE-NG server address: Provided in access mail
              • Username: admin
              • Password: eve

            Note: Choose Native console.
            1. Select the lab from the list

            2. Once you click on the required lab, a preview opens up on the right side of the page.

            3. Click on the Open button at the bottom of the preview. You will be redirected to the lab.
            4. To start the nodes, hover the mouse on the left sidebar then click on More action > Start all nodes. Wait for all the nodes to turn blue.

            5. Hover the mouse again over the sidebar and click on Pictures which will open up a dialog box. Click on the text inside the dialog box to open the topology.

            6. Click on the devices inside the topology to open their session.

             

            How to stop the Lab

             

            1. Hover your mouse over the sidebar and click on More actions > Stop all nodes.

            2. Hover your mouse over the sidebar and click on the Close lab.

             

            Devices CLI Credentials


            LAB 
            Devices
            IP Details 





            This section details the management IP assigned to the following virtual machines in the table below. Please do refer to the topology as well.

            IP Address

            Device Name 

            150.1.7.200

            AD

            150.1.7.201

            Candidate PC

            150.1.7.204

            Wireless PC

            150.1.7.206

            NGIPS

            150.1.7.211

            FMC

            150.1.7.212

            ISE

            150.1.7.213

            WSA

            150.1.7.214

            vWLC

            150.1.7.215

            CUCM

            150.1.7.216

            AMP

            150.1.7.217

            AMP


            The table below contains the credentials to access CLI for the undermentioned devices:

                                                         

            Note: There is no password for ASA. Simply hit enter when prompted for the password.

            TSHOOT LAB WALK THROUGH VIDEO



            Note: Cisco ISE reset process can take several minutes. Please don't close the tab, it will be closed automatically when the restoration is finished.

            FMC-TS Device in TSHOOT Topology


            Note: FMC-TS is seprate in TSHOOT Topology with IP Address 150.1.7.111.


            Updated: 27 Nov 2018 12:43 AM
            Helpful?  
            Help us to make this article better
            1 0