Lab 1.1 - AinsleyPlayer/SEC-350 GitHub Wiki

Configuring RW01

Start off by making sure that the box is on the SEC WAN and then powering on the box.

Log into the box using the default credentials.

We will start off by changing the password for the champusr account.

Add a new user and a password, you can leave the values blank when it asks for Name, etc.

Add a new sudo user

Now we need to add our network connection (refer to the IP assignments)

To make sure you are connected, go to the chmplain.edu web page.

Deliverable 1

Success!

Configuring basic routing on FW01

We will now jump over to our FW01 box.

Start off by going into and editing the virtual hardware settings and add a new network adapter. Make sure the three network adapters are WAN, DMZ, and LAN.

Power on the box and when it prompts you, use the default credentials to log in.

Set Hostname

We are going to change the host name as seen in the image below.

Keep typing "exit" until you get a login prompt, then log in to configure the box (log in with defaults)

Interface Assignment

We will now start configuring the interfaces

Add a description for your interfaces for future ease

Using the same commands, name both eth1 and eth2

Now we are going to configure the IP addresses (refer to the IP assignments)

Gateway and DNS

Now we will set the default gateway and DNS server to the SEC350-Gateway Firewall at 10.0.17.2 so it can interact as it should

To make sure that everything is functioning, we will ping google.com

Deliverable 2

Success!

Configuring Web01

Make your way over to your Web01 box, and change your network adapter to DMZ

Now power on the VM and log in with the default username and password

Like we did for the first box, we will add a new user, set hostname, change passwords, etc

We have to set up our IPs, to do this, start off by running the command nmtui

Set up all connections as necessary

Configuring fw01 for NAT and DNS Forwarding on fw01

Head into fw01 and do the following

Now with the forwarding set up on web01, you should now be able to ping by IP address, but not hostname yet

Deliverable 3

Configuring fw01 for DNS forwarding

We are going to tell fw1 to forward DNS requests from the DMZ interface

Now you should be able to ping both 8.8.8.8 and google.com

Deliverable 4

Configuring log01

We are going to initially put our log server on the DMZ network, & later we will place this server in a segmented area of our network.

Configure log01 with an IP address ending in .5. Make sure log01 is on the DMZ network.

Ensure you have set the hostname of web01 and log01 to web01-yourname and log01-yourname respectively, & create a sudo user on both.

Deliverable 5

Configuring httpd on web01 & Configuring firewall on web01

If not already on web01, you can get https with the command sudo yum install -y httpd

Then we need to add ports through the firewall

sudo firewall-cmd --permanent --add-port 80/tcp sudo firewall-cmd --permanent --add-port 443/tcp sudo firewall-cmd --reload

If it is running, your screen should look like this

Testing httpd on web01 from rw01

rw01's default gateway is 10.0.17.2, we need to tell it that any address in your DMZ should route via your firewall’s WAN interface

We do this with a static route on rw01

Restart your network through the gui or from a privileged terminal command

So, it turns out that because of the default gateway, we need to add a static route to be able to access the web server

Now we can access the web page

Deliverable 6

Configuring rsyslog services on log01

Run the command systemctl status rsyslog to make sure it is running on log01

On log01, the /etc/rsyslog.conf file needs to be modified to receive syslog messages over ports 514 tcp and udp. Uncomment the appropriate lines (see below) and restart the rsyslog service.

Run the command nano /etc/rsyslog.conf to be able to edit the file and comment these in