Lab 1.1 - AinsleyPlayer/SEC-350 GitHub Wiki
Configuring RW01
Start off by making sure that the box is on the SEC WAN and then powering on the box.
Log into the box using the default credentials.
We will start off by changing the password for the champusr account.
Add a new user and a password. You can leave the values blank when it asks for Name, etc.
Add a new sudo user
Now we need to add our network connection (refer to the IP assignments)
To make sure you are connected, go to the champlain.edu web page.
Deliverable 1
Success!
Configuring basic routing on FW01
We will now jump over to our FW01 box.
Start off by editing the virtual hardware settings and adding a new network adapter. Make sure the three network adapters are WAN, DMZ, and LAN.
Power on the box and when it prompts you, use the default credentials to log in.
Set Hostname
We are going to change the host name as seen in the image below.
Keep typing "exit" until you get a login prompt, then log in to configure the box (log in with defaults)
Interface Assignment
We will now start configuring the interfaces
Add a description for your interfaces for future ease
Using the same commands, name both eth1 and eth2
Now we are going to configure the IP addresses (refer to the IP assignments)
Gateway and DNS
Now we will set the default gateway and DNS server to the SEC350-Gateway Firewall at 10.0.17.2 so it can interact as it should
To make sure that everything is functioning, we will ping google.com
Deliverable 2
Success!
Configuring Web01
Make your way over to your Web01 box, and change your network adapter to DMZ
Now power on the VM and log in with the default username and password
Like we did for the first box, we will add a new user, set hostname, change passwords, etc
We have to set up our IPs. To do this, start off by running the command nmtui
Set up all connections as necessary
Configuring fw01 for NAT and DNS Forwarding
Head into fw01 and do the following
With the forwarding set up on web01, you should now be able to ping by IP address, but not by hostname yet
Deliverable 3
Configuring fw01 for DNS forwarding
We are going to tell fw01 to forward DNS requests from the DMZ interface
Now you should be able to ping both 8.8.8.8 and google.com
Deliverable 4
Configuring log01
We are going to initially put our log server on the DMZ network, & later we will place this server in a segmented area of our network.
Log in with default credentials
Configure log01 with an IP address ending in .5. Make sure log01 is on the DMZ network.
Ensure you have set the hostname of web01 and log01 to web01-yourname and log01-yourname respectively, & create a sudo user on both.
Deliverable 5
Configuring httpd on web01 & Configuring firewall on web01
If not already on web01, you can get httpd with the command sudo yum install -y httpd
Then we need to add ports through the firewall
sudo firewall-cmd --permanent --add-port 80/tcp
sudo firewall-cmd --permanent --add-port 443/tcp
sudo firewall-cmd --reload
If it is running, your screen should look like this
Testing httpd on web01 from rw01
rw01's default gateway is 10.0.17.2, so we need to tell it that any address in your DMZ should route via your firewall's WAN interface
We do this with a static route on rw01
Restart your network through the GUI or from a privileged terminal command
So, it turns out that because of the default gateway, we need to add a static route to be able to access the web server
Now we can access the web page
Deliverable 6
Configuring rsyslog services on log01
Run the command systemctl status rsyslog
to make sure it is running on log01
On log01, the /etc/rsyslog.conf file needs to be modified to receive syslog messages over ports 514 tcp and udp. Uncomment the appropriate lines (see below) and restart the rsyslog service.
Run the command nano /etc/rsyslog.conf
to be able to edit the file and uncomment these lines
I then ran the commands we ran earlier in the lab to add port 514 to our firewall
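A check for the log01 step above, as an added example that is not part of the original lab: it confirms that the 514/udp and 514/tcp listener lines in rsyslog.conf are really uncommented, accepting both the module()/input() syntax and the legacy $ModLoad syntax. The function names and the sample config are constructed for illustration.

```shell
# Added example (not the lab's own code): are the 514/udp and 514/tcp listeners active?

# active_lines FILE: print the config without comment lines or trailing comments.
active_lines() {
  sed -E -e '/^[[:space:]]*#/d' -e 's/[[:space:]]+#.*$//' "$1"
}

# listener_enabled PROTO FILE: succeed only if both the module load and the
# port 514 listener for PROTO (udp or tcp) are active.
listener_enabled() {
  case $1 in
    udp) legacy='UDPServerRun' ;;
    tcp) legacy='InputTCPServerRun' ;;
    *)   return 2 ;;
  esac
  cfg=$(active_lines "$2") || return 2
  # Module load: module(load="imudp") or legacy $ModLoad imudp
  printf '%s\n' "$cfg" |
    grep -Eq "module\(load=\"im$1\"|^[[:space:]]*\\\$ModLoad[[:space:]]+im$1" || return 1
  # Listener: input(type="imudp" port="514") or legacy $UDPServerRun 514
  printf '%s\n' "$cfg" |
    grep -Eq "input\(type=\"im$1\"[^)]*port=\"514\"|^[[:space:]]*\\\$$legacy[[:space:]]+514([[:space:]]|\$)"
}

# sample_config: constructed excerpt, UDP enabled but TCP lines still commented.
sample_config() {
  cat <<'EOF'
# Provides UDP syslog reception
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")
# Provides TCP syslog reception
#module(load="imtcp") # needs to be done just once
#input(type="imtcp" port="514")
EOF
}

# check_file FILE: print one status line per protocol; return how many are missing.
check_file() {
  missing=0
  for proto in udp tcp; do
    if listener_enabled "$proto" "$1"; then echo "514/$proto: enabled"
    else echo "514/$proto: NOT enabled"; missing=$((missing + 1)); fi
  done
  return "$missing"
}

# Demo on the constructed sample; on log01 run: check_file /etc/rsyslog.conf
tmp=$(mktemp) && sample_config > "$tmp"
check_file "$tmp" || echo "edit the file, then restart rsyslog"; rm -f "$tmp"
```

A listener that is enabled in the file still needs the rsyslog restart and the port 514 firewall rules before web01 can reach it.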
Now go into our Web01 box and run the command sudo nano /etc/rsyslog.d/sec350.conf
and add the following to the file, then save it
Test rsyslog messaging from web01 to log01
On log01, tail -f the /var/log/messages file
On web01, use the local logger utility to send a syslog message
Deliverable 7
rw01->SSH->web01->SSH->log01
From rw01, use an SSH session to log in to web01, then from that SSH session log in to log01.