Lab00: Environment Configuration - adaley0518/Tech_Journal GitHub Wiki

Lab00 01/13/2020: Routing and Windows, this lab is using information for my past class to build a simple network to be used in the future of the course. My teacher has provided the environments for us through vcenter. The environments consist of a firewall with a pfsense virtual router(fw01), windows 10 (wks01), server core (ad01), and Server 2019 with GUI (mgmt01).

Start with fw01 Configuration:

  • before starting the environment make sure Network Adapter 1 is WAN network and Network Adapter 2 is LAN network
  • have your own IP, in this case, mine is 10.0.17.13/24
  • Now for the OS Configuration:
    • click 1 to assign interfaces to make em0 the WAN network and em1 the LAN network
    • click 2 to set the network interfaces, press 1 or 2 depending on the WAN or LAN
      • WAN interface will be your assigned IP
      • LAN interface will be set to 10.0.5.2/24
      • Your WAN upstream gateway address is 10.0.17.2
      • Not using IPv6 on WAN or LAN
      • Not using a firewall for DHCP on the LAN
      • Do not revert http
    • when done WAN should read: em0 --> 'assigned IP/24'
    • when done LAN should read: em1 --> '10.0.5.2/24'
  • next enter the shell (8) and ping google.com (should be successful)

Next, we will be configuring the Web Interface from wks01:

  • make sure Network Adapter is changed to LAN before starting the environment
  • Begin normal configuration steps:
    • manage an account, add password to administrator
    • may need to create a new local administrative user
    • after accounts are done, set up static IP
      • go to ethernet propeties
      • go to IPv4
      • click use the following IP address
        • input IP address: 10.0.5.100
        • netmask: 255.255.255.0
        • gateway: 10.0.5.2
        • DNS: 10.0.5.2 (your fw01 LAN interface)
      • go to system settings, change hostname to wks01-yourname
  • Now we will set up the firewall
  • go to https://10.0.5.2 and login using admin/pfsense
  • make the following changes in the wizard
    • hostname: fw01-yourfistname
    • domain: yourfirstname.local
    • Primary DNS Server: 8.8.8.8
    • Uncheck block RFC1918 Private Networks (step 4)
    • change the password if you like, don't forget it
  • wks01 should be able to ping your LAN's default gateway 10.0.5.2 and ping google.com

Next, is ad01 Server Core configuration:

  • change Network Adapter 1 to LAN
  • change and record the new administrator password
  • type 'sconfig' to configure settings:
    • click 8 for network settings
    • click 1 for the network adapter
    • click s for static
      • IP: 10.0.5.5
      • Netmask: 255.255.255.0
      • Gateway: 10.0.5.2
      • Preferred DNS: 10.0.5.2
    • click 2 for computer name
      • change to ad01-yourname (wait to restart)
    • click 5 to make windows update settings to Manual
    • Now reboot
  • Now, we are going to install the Active Directory
    • you are going to want to type cd.. until you are out of all the directories
    • now type in the command: 'cd \Windows\System32\en-US'
    • then type 'powershell'
    • use the command 'Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
  • Now, install the forest
    • command: Install-ADDSForest -DomainName yourfirstname.local
  • After installation, you should be able to see your the administrative user
    • type whoami --> yourfirstname\administrator (this will be important to remember for setting up the rest of the network

Next, we are going to join wks01 to the domain we just created

  • your gonna go to system settings again, change settings for the computer name
  • then click change but click domain and enter 'yourfirstname.local'
  • hit okay, if it asks for administrative user name and password, use the following (this is were the domain was created)
    • yourfirstname\administrator
    • and your ad01 password

Next, we will configure mgmt01

  • make sure Network Adapter is set to LAN
  • once again use scongfig from the command prompt to update the settings as follows
    • IP address: 10.0.5.10
    • Netmask: 255.255.255.0
    • gateway: 10.0.5.2
    • DNS should be set to the IP of ad01(10.0.5.5)
    • hostname: mgmt01-firstname
    • join to yourname.local
  • after restarting, login to the domain not the local host
  • using the server manager on mgmt01, install the following features (uncheck anything the is not on this list)
    • Remote Server Administration Tools
      • Role Administration Tools
        • AD DS and AD LDS Tools
        • DHCP Server Tools
        • DNS Server Tools
        • File Service Tools
  • Now add ad01 as a new server

Next, we are gonna add Domain Users

  • add a normal user (uncheck change password)
    • left click on the your domain and input information yourfirst.lastname
  • add a named domain admin (uncheck change password)
    • left click on the domain and input information yourfirst.lastname-adm (may need to Domain Admin group)

Finally, create DNS records for our zones

  • Create a Reverse Lookup Zone for the 10.0.5 netowrk
  • Create an A record and PTR for fw01-yourname
    • just check off the box to create PTR record
    • apply and then ok
  • manually add the PTR records for ad01 and mgmt01
  • now logout and then re-login as [email protected]