Lab 01 ‐ Virtual Firewall and Windows 10 Configuration - Isaiah-River/SYS-255-02-SYSAdmin GitHub Wiki

For today's lab we worked to configure a firewall and some Windows 10 VMs in our vSphere work place. We began by editing the settings of our fw01 VM by right clicking it > Edit Settings. After this I needed to add another network device by clicking Add New Device > Network Adapter. We then selected our new network adapter to use LAN. We then powered on our firewall VM. After powering on our Firewall system, we launched a web console to the VM. After configuring itself, we were brought to a console. We then selected "Assign Interfaces" by selecting 1, and compared the MAC addresses of our two interfaces to our WAN and LAN to confirm that em0 matched the WAN connection, and that em1 matched the LAN connection. We then skipped setting up the VLANs, and renamed em0 to WAN and em1 to LAN by selecting the appropriate ports. After this we selected "Set Interface(s) IP addresses" by selecting 2. We then chose to configure the WAN by pressing 1, and selected no to configuring through DHCP. I then configured the WAN IPv4 address to be 10.0.17.111/24. I then set the Upstream Gateway Address as 10.0.17.2. We opted out of configuring IPv6, as well as chose not to revert to HTTP for the GUI, as we are going to use secure https. We then went back to the "Set Interface(s) IP addresses" by selecting 2, and chose to modify the LAN. We set the IP as 10.0.5.2, and gave it a 24 bit subnet mask. After this we chose to skip past setting up an upstream LAN gateway, and IPv6 configuration, and we opted out of DHCP and reverting to HTTP. After finishing configuring our Firewall VM, we navigated to our workstation VM, and configured it so that our LAN is used in the Network Adapter 1. After this we logged into our Windows 10 VM, and adjusted our systems name by going to "This PC" > Right Click > Properties > Change Settings > Rename this computer and set the computer name to wks01-isaiah. After this I created an administrator account by navigating to account system settings by using the search bar and looking for lusrmgr.msc. Under users I created an account with the name isaiah.river-loc, and set a password making sure to uncheck "user must change password" and checking "password never expires." After this I went to the groups tab, and added myself to the administrator list by adding the object name wks01-isaiah\Administrators. I then navigated to my IPV4 properties by going to the network and sharing center, and selecting "change adapter settings." After this I selected the ethernet, right clicked and selected "properties," and double clicked the TCP/IPV4 connection, and modified it to use the selected IP address 10.0.5.111, a subnet mask of 255.255.255.0, a default gateway of 10.0.5.2, and finally the preferred DNS server of 10.0.5.2. After this I needed to adjust the firewall to allow internet connections through. I went to our pfsense firewall settings by going to our web browser and navigating to the IP 10.0.5.2, and logging in. After this I navigated through the wizard, and set the hostname to fw1-isaiah, the domain to isaiah.local, and the primary DNS server to 8.8.8.8, and left the Override DNS checked. After skipping through the wizard, I unchecked the setting to "Block private networks from entering via WAN." Finally I gave an admin password, and finished configuring pfSense. After this I started to complete the deliverables. I took a screenshot of a ping from the firewall to champlain.edu by using the command "ping -c 1 champlain.edu. After this I used Windows Powershell to run a few commands whoami, hostname, ping -n 1 google.com, and finally ipconfig /all. For the third deliverable I took a screenshot showing that my adjustments to the firewall worked by showing that I could navigate to champlain.edu from my VM. For the fourth deliverable I had to use tracert -h 3 champlain.edu to trace the route to champlain.edu with a maximum of 3 hops. I finally covered three elements from this lab that I had struggled or been unfamiliar with.