Lab 1.1 Routing and DMZ - jude-lindale/Wiki GitHub Wiki

Basic Configuring

rw01

  1. First is to make sure that rw01 is set to the right network adapter in this case it should be SEC350-WAN

  2. Next is to login to rw01 as champuser and change its default password using the following command:

    sudo passwd champuser
    
  3. Then add a new sudo user using the command below:

    sudo useradd jude
    sudo passwd jude
    sudo usermod -aG sudo jude
    
  4. Next is to change the hostname of the machine which can be done using the command:

     sudo hostnamectl set-hostname rw01-jude
    
  5. The last step is to make sure the the machine has its assigned static ip which can be down via the gui or nmtui it should look similar to the following:

2023-01-16 14_24_20-VMware Horizon

  1. reboot so that the hostname can take effect

fw01 (vyOS)

web01

  1. First is to make sure that web01 is set to the right network adapter in this case it should be SEC350-01-DMZ-jude.lindale
  2. like the other machines web01 will need it IP address and hostname changed which can be done via nmtui, as well as a new sudo user and to change the passwords for champuser and root:

2023-01-16 14_44_26-VMware Horizon

2023-01-16 14_44_50-VMware Horizon

Configuring httpd on web01 & Configuring firewall on web01

  1. First is to install httpd using the following command:

    sudo yum install httpd -y
    
  2. Once installed enable and start httpd:

     sudo systemctl enable httpd
     sudo systemctl start httpd
    
  3. Then allow port 80/tcp and 443/tcp or services http and https throught the firewall or just do all for good measure:

    firewall-cmd --permanent --add-port 80/tcp
    firewall-cmd --permanent --add-port 445/tcp
    firewall-cmd --permanent --add-service http
    firewall-cmd --permanent --add-service https
    firewall-cmd --reload
    

log01

  1. First is to make sure that web01 is set to the right network adapter in this case it should be SEC350-01-DMZ-jude.lindale
  2. like the other machines web01 will need it IP address and hostname changed which can be done via nmtui, as well as a new sudo user and to change the passwords for root:

2023-01-16 14_47_40-VMware Horizon

2023-01-16 14_48_01-VMware Horizon

Testing httpd on web01 from rw01

  1. on rw01 go to the network connects panel and add a route:

2023-01-16 15_02_23-VMware Horizon

rsyslog