Lab 6.1 Port Forwarding and Jump Boxes - devinziegler/Devin-Tech-Journal GitHub Wiki

🔌 Port Forwarding

In this example, port forwarding is used to send HTTP traffic arriving from the WAN to our web server.

Update VyOS with the following rule:

set nat destination rule 10 description 'HTTP->WEB01'
set nat destination rule 10 destination port 80
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp 
set nat destination rule 10 translation address 172.16.50.3
set nat destination rule 10 translation port 80

This rule takes any TCP request to port 80 that arrives on eth0 and forwards it to web01 (172.16.50.3) on the DMZ.

  • Now that the rule is in place, any port 80 request to the WAN IP will be routed to web01. This can be tested with a simple curl or wget.

Port forwarding for SSH (WAN-to-DMZ)

Any ssh (port 22) traffic coming from WAN to the DMZ should be redirected to jump. This is done with another port forwarding rule:

set nat destination rule 20 description "Forward SSH"
set nat destination rule 20 destination port 22
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 172.16.50.4
set nat destination rule 20 translation port 22

Now all inbound ssh traffic from WAN will be directed to jump.
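
A pre-paste check for rule lists like the two above, as an added example that is not part of the original wiki or of VyOS. It flags misspelled or missing keys and any forward whose target is not a DMZ host. The function names, the 172.16.50.0/24 DMZ prefix (inferred from the web01 and jump addresses) and sample rules 20 and 30 are assumptions or constructed input.

```shell
#!/bin/sh
# Added example, not from the original wiki: review a saved list of
# "set nat destination rule ..." lines before pasting it into VyOS. It knows
# only the keys this lab uses. Assumption: the DMZ is 172.16.50.0/24.
DMZ_PREFIX="${DMZ_PREFIX:-172.16.50.}"
# stdin: rule lines. stdout: "OK <n> ..." or "BAD <n> <reasons>", one per rule.
check_dnat_rules() {
  awk -v dmz="$DMZ_PREFIX" '
    BEGIN { nk = split("destination port,inbound-interface,protocol,translation address,translation port", keys, ",")
            for (i = 1; i <= nk; i++) want[keys[i]] = 1 }
    $1=="set" && $2=="nat" && $3=="destination" && $4=="rule" {
      n = $5; seen[n] = 1
      if ($6=="destination" || $6=="translation") { k = $6 " " $7; v = $8 } else { k = $6; v = $7 }
      if (k == "description") next
      if (k in want) { val[n, k] = v } else { bad[n] = bad[n] ", unknown key " k }
    }
    END {
      for (n in seen) {
        for (i = 1; i <= nk; i++) if (!((n, keys[i]) in val)) bad[n] = bad[n] ", missing " keys[i]
        t = val[n, "translation address"]
        if (t != "" && index(t, dmz) != 1) bad[n] = bad[n] ", target " t " outside DMZ"
        if (bad[n] != "") print "BAD", n, substr(bad[n], 3)
        else print "OK", n, val[n, "protocol"] "/" val[n, "destination port"], "on", val[n, "inbound-interface"], "->", t ":" val[n, "translation port"]
      }
    }' | sort -k2,2n
}

# Constructed sample: rule 10 as in the lab, rule 20 with a mistyped key,
# rule 30 forwarding to a made-up address outside the DMZ.
sample_rules() {
  cat <<'EOF'
set nat destination rule 10 description 'HTTP->WEB01'
set nat destination rule 10 destination port 80
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 translation address 172.16.50.3
set nat destination rule 10 translation port 80
set nat destination rule 20 destination port 22
set nat destination rule 20 inbuond-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 172.16.50.4
set nat destination rule 20 translation port 22
set nat destination rule 30 destination port 443
set nat destination rule 30 inbound-interface eth0
set nat destination rule 30 protocol tcp
set nat destination rule 30 translation address 172.16.150.10
set nat destination rule 30 translation port 443
EOF
}
sample_rules | check_dnat_rules
```

Set DMZ_PREFIX in the environment if your DMZ uses a different prefix.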

🔥 More VyOS configuration found here (including the above)

🦘 New Box (jump)

The new jump system sits in the DMZ and acts as a remote administration access point. This lab goes through configuring jump and deploying it for use as a web admin box.

Ubuntu Server basic configuration for Jump

Most CentOS configuration steps have been shown in the past; reference these articles.

Jump will be on the DMZ Network

Passwordless Users and SSH

Create a Passwordless User (Ubuntu Server)

adduser --disabled-password <username>

For RHEL systems, use useradd and leave the password blank.

🔑 SSH Keys:

Keys can be generated with the ssh-keygen command. Here is an example:

ssh-keygen -t rsa -b 4096 -f <name>

The -t flag selects the algorithm, -b sets the key size in bits, and -f sets the output file name.

Find more command options here

🚌 Transferring SSH Keys

  • The most common way to move a public key from one system to another is via ssh-copy-id:
ssh-copy-id -i ~/.ssh/<pubkey> <user>@<hostname/ip>

This command copies your public key to a remote system.

Find more information about the transfer of keys here

Logging in with SSH keys

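  • Once the public key has been transferred, the remote system can now use it for ssh. The -i option takes the private key (identity) file that matches the transferred public key:
ssh -i ~/.ssh/<privatekey> <username>@<hostname/ip>

You should not be prompted for the account password. Instead you are prompted for the key's passphrase, or for nothing if ssh-agent has been configured to supply the key.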

More information about ssh-agent can be found here

🏒 Managing Jump with Wazuh

To configure Jump to be a Wazuh agent, follow steps laid out in the following

Instead of running all commands on jump, pull the deb onto mgmt01, and transfer it to jump, then run the installation commands.
