top of page
Search

Umbrella VA - First Configuration

We have already seen how Umbrella works in previous posts and now let's do the basic configuration.




Configuration Mode on a VA Deployed:


When you open the VA in your preferred hypervisor's console, and you'll see a configuration menu. As seen in the lower right corner, the system time is set to UTC by default. This will not affect your DNS, network, or hypervisor.


To access the VA console efficiently, use a native application (such as VMware vSphere Client, VMware Remote Console, or RDP)


If you have deployed the VA in a network that supports DHCP, the VA is automatically assigned a DHCP IP address and registers to Umbrella using this IP. This IP address appears on the configuration as well as the Umbrella dashboard.


1- Press Ctrl+B and when prompted, provide a password for configuration changes;

Note: Umbrella<OrgID> should be set as the default password for the VA. Your Org ID can be retrieved from the dashboard URL in your address bar.

2- Optionally, enable remote configuration of this VA over SSH, enter config va ssh enable;

3- If you have enabled SSH, you can now remotely connect to the VA over SSH and enter Configuration Mode after authentication. use vmadmin as your login.

Note: Configuration mode does not support concurrent access by more than two users.



Configure the VA Through Configuration Mode:


Configure the name: 

config va name <hostname>

Configure the IP, Netmask, and Gateway:

config va interface <ipaddress> <netmask> <gateway>

Configure an IPv6 address:

config va interface6 <ipv6 address>/<prefix> <ipv6-gateway>

Configure SNMP:

config snmp configure -v2 c <community>

Configure NTP:

config ntp add <ipaddress>

Configure local DNS:

config localdns add <ipaddress>

Configure Rate-limiting:

config va per-ip-rate-limit enable <pps> <burst>

Configure Umbrella Resolvers:

*By default, the VA is configured to use the standard Umbrella resolvers (208.67.220.220 and 208.67.222.22)

config va resolvers alternate

Configure DNSSEC Support:

config va dnssec enable

Logging to Remote Syslog Server:

config logexport destination <rsyslog-server-ip:port> <protocol>


Troubleshooting commands:

  • config snmp status

  • config ntp show

  • config localdns show

  • config va show

  • config va status

  • config logexport status

  • config anycast bgp status

  • config tunnel status

  • config anycast status




Recent Posts

See All
Understanding CIMC for Cisco ISE

Cisco Integrated Management Controller (CIMC) is a crucial component for managing and monitoring Cisco UCS servers, including those used...

 
 
 
Securing IOS-XE Routing Protocols

Securing the routing information prevents an attacker from introducing false routing information into the network, which could be used as...

 
 
 
Cisco Duo Log Sync (DLS)

Duologsync (DLS) is a utility written by Duo Security that supports fetching logs from Duo endpoints and ingesting them to different...

 
 
 
Programming and IT solutions guide on STENGE.info blog
Cybersecurity and Networking tutorials on STENGE.info
IT infrastructure solutions and technology tutorials
STENGE.info logo - Tech Blog for IT Solutions and Tutorials
bottom of page