Free IPAM solution – 1. Installing phpIPAM

Are you tired of using Excel for managing you IP addresses?

Why not use an IPAM DB to keep track of your VLANs, subnets and IP addresses?

An IPAM solution is a vital building block in an automated environment. Lets go through how you can setup a Free IPAM DB for use with vRealize Orchestrator and vRealize Automation.

In a later article I will go though how you integrate it with vRealize Orchestrator.

How to install a phpIPAM server using Ubuntu Server 16.04

Prerequisites: (This guide is based on the 1.2.1 version of phpIPAM)
Installed Ubuntu Server 16.04 LTS

Installation

Downloading phpIPAM

After installing the server and setting up an IP address, a hostname and DNS registration on the server, we need to install the prerequisites for phpIPAM. Unfortunately you might run into some trouble installing it using the install documentation.

Firstly we need to download phpIPAM from the website: http://phpipam.net.

How you get the phpIPAM tar file onto the server is up to you. You can download it directly using wget, or move it to the server using scp. The following steps will assume that you have already done this and that the tar file is placed in the /tmp catalog.

Installing prerequisites

Now we need to install all the packages that phpIPAM needs to run. Type the following commands to setup the environment. How you do this is up to you. Personally I installed openssh-server during the installation, and will be connecting to the server using SSH, but you can do it anyway you want. The only requirement is that you are logged in as root.

# Commands:

# Install Packages
apt install apache2 php7.0 mysql-server-5.7 php7.0-mysql php7.0-gmp php-pear libapache2-mod-php7.0

# Enable Apache Rewrite Module
a2enmod rewrite

# Restart Apache2
service apache2 restart

# Unpack phpIPAM
tar xpf /tmp/phpipam-1.2.1.tar -C /var/www/html

# Move phpipam to webserver root dir. If you want to keep it in /phpipam on you webserver you can skip these commands, you just have to remember to change the “BASE” parameter in config.php
cd /var/www/html
rm index.html
mv phpipam/* ./
mv phpipam/.htaccess ./
rmdir phpipam
mv config.dist.php config.php

#Enable Security (Firewall)
ufw allow OpenSSH
ufw allow "Apache Full"
ufw enable

During mysql installation you will be asked for a mysql root password. This is a new password that you set for mysql. We need this later, so make a note of it.

Change phpIPAM configuration

Edit the file /var/www/html/config.php in your favorite editor vi or nano if your are a newb… Oh I mean Windows user, to change the default phpIPAM password.Change the line:

$db[‘pass’] = “phpipamadmin”;

To:

$db[‘pass’] = “mynewpassword”;

Save the file.

Configure phpIPAM using your browser

Access you server using a browser. http://your-servername-or-ip-address
You should now be able to access the phpIPAM configuration wizard.
Before choosing “Automatic database installation”, we need to change the database schema. Otherwise we will most likely get the following error:

Cannot install sql SCHEMA file: SQLSTATE[42000]: Syntax error or access violation: 1067 Invalid default value for ‘lastSeen’

So go back to the terminal and edit the file /var/www/html/db/SCHEMA.sql

Change the line:

#/var/www/html/db/SCHEMA.sql
`lastSeen` DATETIME NULL DEFAULT ‘0000-00-00 00:00:00’,

To:

#/var/www/html/db/SCHEMA.sql
`lastSeen` DATETIME NULL DEFAULT ‘0001-01-01 00:00:01’,

Now head back to the Wizard and choose “Automatic database installation”

Enter your mysql root credentials. And press Install phpipam database.

It should now create your database, and you should be able to click Continue.

Setup your phpipam admin password, title and site url. Site url should be the fqdn to your server. Ex: http://your-server.yourdomain Later you might want to setup SSL. For that reason you should not use short name.

Save Settings, and proceed to login.

You should now be able to login with your credentials. The default username is admin. It might take a while to login the first time.

You will notice that there are some subnets, IP addresses and VLANs already created. You can browse around to see how everything fits together, or you can start by deleting them.

Setup network scanning

If you want phpIPAM to check what IP addresses are already in use, you have to setup network scanning. This is done in two steps. First step is to activate “Check host status” and “Discover new hosts” on the subnet in phpIPAM web ui. Step two is to schedule a scan in the terminal on your phpIPAM server.Go to the terminal of you phpIPAM server and enter “crontab -e” as root. Choose you editor of choice

Add the following to the end of the file:

# update host statuses every 15 minutes
*/15 * * * * /usr/bin/php /var/www/html/functions/scripts/pingCheck.php
*/15 * * * * /usr/bin/php /var/www/html/functions/scripts/discoveryCheck.php

This will run the check every 15 minutes. If you enabled “Check host status” hosts will get a warning symbol if it does now respond to ping without 30 min, and an error if it has not responded for more than 60 minutes. Remember that phpIPAM server will need to be able to ping hosts on the subnet you define, or it will need to have a remote probe on that network. The timeout settings can be changed in phpIPAM ui under “Administrator and phpIPAM settings”

I hope that you found this useful

Remember to backup your IPAM server. You will quickly be depending on it.

Want replication? Check this link

Next Step

I am planning some followup articles:

  • Import and Export from and to your existing spreadsheets
  • Interacting with phpIPAM from vRealize Orchestrator

4 thoughts on “Free IPAM solution – 1. Installing phpIPAM”

  1. Thank you for the article it helped me install phpipam 1.3 on Ubuntu 16.04.3 server 32bit.
    The only difference I had was that I didnt have to change SCHEMA.sql, but instead I got an error from the phpipam web page stating that I needed mbstring and gd, so i did ‘apt install php-mbstring’ then the same for gd, then restarted apache2 and it worked.
    Hope this helps anyone

Leave a Reply

Your email address will not be published. Required fields are marked *