Lab 10 || Windows Logging & AD - Michaelfoop/SEC-350-01 GitHub Wiki
Firewall Commands
Edge01
This will add the million ports necessary for AD and DNS
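# Edge01: accept Active Directory and DNS traffic between the MGMT and LAN
# zones. Rule 30 carries the TCP ports and rule 31 the UDP ports; both
# directions get the same destination port lists.
#   TCP: 53 DNS, 88 Kerberos, 135 RPC endpoint mapper, 139 NetBIOS session,
#        389 LDAP, 445 SMB, 464 Kerberos password change, 636 LDAPS,
#        3268 Global Catalog, 49152-65535 dynamic RPC range
#   UDP: 53 DNS, 88 Kerberos, 123 NTP, 137/138 NetBIOS name and datagram,
#        389 LDAP, 636 (LDAPS normally runs over TCP; confirm UDP 636 is needed)
#
# Changed from the original listing:
#   - TCP 686 removed from both directions. It is not an AD or DNS port and
#     looks like a typo for 636, which is already listed. Re-add it only if
#     something in the lab really uses it.
#   - The repeated 88,135 at the start of the LAN-to-MGMT TCP list removed, so
#     both directions now carry the identical list.
#
# NOTE(review): none of these rules has a source or destination address, so
# every host in one zone can reach these ports on every host in the other,
# including SMB (445) and the whole 49152-65535 range. Add the domain
# controller's address as the destination (or source, for the reverse
# direction) to limit the exposure to the DC.
# NOTE(review): the same ports are opened in both directions. If the rulesets
# already have an established/related accept rule (not visible on this page),
# only the direction toward the domain controller should need rules 30/31.
set firewall name MGMT-to-LAN rule 30 action accept
set firewall name MGMT-to-LAN rule 30 destination port 53,88,135,139,389,445,49152-65535,464,636,3268
set firewall name MGMT-to-LAN rule 30 protocol tcp
set firewall name MGMT-to-LAN rule 31 action accept
set firewall name MGMT-to-LAN rule 31 destination port 389,53,88,123,137,138,636
set firewall name MGMT-to-LAN rule 31 protocol udp
set firewall name LAN-to-MGMT rule 30 action accept
set firewall name LAN-to-MGMT rule 30 destination port 53,88,135,139,389,445,49152-65535,464,636,3268
set firewall name LAN-to-MGMT rule 30 protocol tcp
set firewall name LAN-to-MGMT rule 31 action accept
set firewall name LAN-to-MGMT rule 31 destination port 389,53,88,123,137,138,636
set firewall name LAN-to-MGMT rule 31 protocol udp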
fw-mgmt
This is a temporary rule that lets mgmt02 connect to the internet (delete it after the Wazuh agent is installed)
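# fw-mgmt: TEMPORARY accept-all rule in both directions between MGMT and LAN,
# added so mgmt02 can reach the internet while the Wazuh agent is installed.
#
# NOTE(review): rule 500 matches every protocol and has no source or
# destination address. While it is in place, any traffic that no
# lower-numbered rule has already dropped is accepted in both directions, so
# the MGMT/LAN separation is effectively switched off for all hosts, not only
# mgmt02.
# Scoping it to mgmt02 keeps the exposure to that one host; the address is not
# given on this page, so it is shown as a placeholder:
#   set firewall name MGMT-to-LAN rule 500 source address <MGMT02_ADDRESS>
#   set firewall name LAN-to-MGMT rule 500 destination address <MGMT02_ADDRESS>
#
# The description lines mark the rule as temporary in the running config, so
# it is easy to spot in a later review if the cleanup is forgotten.
set firewall name MGMT-to-LAN rule 500 action accept
set firewall name MGMT-to-LAN rule 500 protocol all
set firewall name MGMT-to-LAN rule 500 description 'TEMP: mgmt02 internet access for wazuh agent install - delete afterwards'
set firewall name LAN-to-MGMT rule 500 action accept
set firewall name LAN-to-MGMT rule 500 protocol all
set firewall name LAN-to-MGMT rule 500 description 'TEMP: mgmt02 internet access for wazuh agent install - delete afterwards'

# Cleanup once the agent is installed (then commit and save):
#   delete firewall name MGMT-to-LAN rule 500
#   delete firewall name LAN-to-MGMT rule 500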
I will write more stuff later