• Support
  • Forums
  • Blogs

How to configure OSSIM to accept connection from another VLAN?

jdtrujillopjdtrujillop

New Life Form
Hi experts,

I've downloaded the OSSIM iso file and I've create a new virtual machine on ESXi server. I finished the installation and configuration without any problem, in the moment to network configuration I've assigned a IP address to OSSIM VM, and works, but only with VM from the same VLAN it can reach betweem them (it's normal). But, when I tried to access from another VM with different VLAN to the OSSIM VM does not reach it. 

The network configuration is configurated to routing between VLANs, even I've created another VM different to OSSIM with the same IP address assigned to OSSIM VM and works.

For instance:

Same VLAN:
  • OSSIM-VM: 10.127.8.249
  • UBUNTU-1-VM: 10.127.8.210
Different VLAN:
  • UBUNTU-2-VM: 10.127.7.233
Result:
  • OSSIM-VM reach UBUNTU-1-VM and vice versa
  • UBUNTU-2-VM does not reach OSSIM-VM and vice versa

But if I use the IP address 10.127.8.249 (OSSIM's IP address) in another VM different to OSSIM-VM works.

For instance:
  • CENTOS-VM: 10.127.8.249
  • UBUNTU-1-VM: 10.127.8.210
Different VLAN:
  • UBUNTU-2-VM: 10.127.7.233
Result:
  • CENTOS-VM reach UBUNTU-1-VM and vice versa
  • UBUNTU-2-VM reach CENTOS-VM and vice versa
I've noticed that the rules of routing are different if it is configured in OSSIM or another VM.

For instance:

  • OSSIM VM:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.127.8.249    0.0.0.0         255.255.255.0   U     0      0        0 eth0 
  • CENTOS VM:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.127.8.1     0.0.0.0         UG    0      0        0 eth4
10.127.8.249     0.0.0.0         255.255.255.0   U     0      0        0 eth4

I've append new rules in the firewall file configuration firewall_include, but doesn't work.

Can you help to configure OSSIM VM to allow connection from another VLAN?

Share post:

Answers

  • jdtrujillop,

    Your routed interface is missing a default route. This is usually indicative of a missing gateway config.

    Please provide the output of the following command:

    grep admin /etc/ossim/ossim_setup.conf
  • Hi kcoe,

    This is the reponse of the command:

    GatewayConf

    Thanks for your help,

    Best regards,

    Juan
  • I've solved the issue, only I had add a new rule to the gateway in the routing rules.

    Example: route add default gw $IP_ADDRESS

    where $IP_ADDRESS is the IP address of the VLAN's gateway.


Sign In or Register to comment.