Lab01 Routing and DMZ - Henryisgreat/TechJournal GitHub Wiki

RW01 setup

  • User: Champuser

  • Pass: ********

  • Create user

    • adduser henry
    • usermod -aG sudo henry
    • hostnamectl set-hostname rw01-henry
  • Connect to the internet

    • nmtui
    • -edit connection
    • -ip: 10.0.17.117
    • -default gateway: 10.0.17.2
    • -DNS: 10.0.17.2

FW01 setup

  • User: Vyos
  • Pass: ********
  • Configure hostname
    • configure
    • set system host-name fw1-henry
    • commit
    • save
    • exit
    • Restart until the correct hostname appears
  • Configure network interfaces (eth0 (WAN), eth1 (DMZ) and eth2 (LAN))
    • configure
    • delete interfaces ethernet eth0 address dhcp
    • set interfaces ethernet eth0 address 10.0.17.117/24
    • set interfaces ethernet eth0 description SEC350-WAN
    • commit
    • save
  • Configure NAT and DNS forwarding on FW01

Web01 setup

  • Configure user and network
    • adduser henry
    • usermod -aG wheel henry
    • passwd henry ---
    • nmtui
  • Set DNS and gateway to the DMZ interface on fw01 (172.16.50.2); remember that the DMZ is a /29
  • Configure HTTPD
    • sudo yum install httpd
    • sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
    • sudo firewall-cmd --reload

Log01 setup

  • Allow UDP and TCP traffic on port 514
    • sudo firewall-cmd --zone=public --add-port=514/tcp --permanent
    • sudo firewall-cmd --zone=public --add-port=514/udp --permanent
    • sudo firewall-cmd --reload
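
An added check for the firewalld steps in Web01 and Log01 (example code, not part of the original notes): it parses the port list that `firewall-cmd --list-ports` prints and reports any required port that is not open, in both the runtime and the permanent configuration. The function names and the `--live` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: confirm a firewalld zone really opens the ports a host needs.
# Input format is what `firewall-cmd --zone=public --list-ports` prints:
# space-separated entries such as "80/tcp" or "5000-5010/udp".

# port_is_open "<list-ports output>" <port>/<proto>  -> returns 0 if covered
port_is_open() {
    want_port=${2%/*}
    want_proto=${2#*/}
    for entry in $1; do
        [ "${entry#*/}" = "$want_proto" ] || continue
        range=${entry%/*}
        lo=${range%-*}      # a single port gives lo == hi
        hi=${range#*-}
        if [ "$want_port" -ge "$lo" ] && [ "$want_port" -le "$hi" ]; then
            return 0
        fi
    done
    return 1
}

# missing_ports "<list-ports output>" <port>/<proto>...  -> prints the gaps
missing_ports() {
    open=$1; shift
    missing=
    for want in "$@"; do
        port_is_open "$open" "$want" || missing="$missing $want"
    done
    printf '%s\n' "${missing# }"
}

# audit_zone <zone> <port>/<proto>...  -> checks runtime and permanent config,
# since a rule added with --permanent is not live until --reload.
audit_zone() {
    zone=$1; shift
    runtime=$(firewall-cmd --zone="$zone" --list-ports)
    permanent=$(firewall-cmd --permanent --zone="$zone" --list-ports)
    echo "runtime missing:   $(missing_ports "$runtime" "$@")"
    echo "permanent missing: $(missing_ports "$permanent" "$@")"
}

# On the host itself, e.g. on log01:  sh check.sh --live 514/tcp 514/udp
if [ "${1:-}" = "--live" ]; then
    shift
    audit_zone public "$@"
fi
```

On web01 the required port is 80/tcp; on log01 it is 514/tcp and 514/udp. An empty "missing" line means the zone covers everything requested.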