Lab 01 ‐ Virtual Firewall and Windows 10 Configuration - rune-seregina/sys-255-fa24 GitHub Wiki
Objective
In this lab, I set up the fw01 VM as well as the wks01 VM, by including the proper wiring, assigning IP addresses, and ensuring connectivity. I used Pfsense and the Windows OS and Powershell to achieve my objectives.
Vocab
- firewalls: provide routing between a network and upstream gateway. ex. protection/rules
- upstream gateway: refers to the direction of network traffic, in terms of where requests get forwarded to to connect to another network segment
- GUI: graphical user interface (subset of UI)
- PPP: point-to-point protocol, a DL layer communication protocol for 2 routers
Resources used:
- cyber.local architecture: basic routed network:
- new local admin account tutorial: https://docs.google.com/document/d/1mnjUIZ1UqK6Klw2ZKlOs8Gf7nMETFqud6lb-eIyD2HE/edit#heading=h.guaw6r7wcr5j
- SYS Labs: https://docs.google.com/document/d/1fGtUcwb7131nRH1fk4nGSGXXOA4GkZb4n1snCJmlGeU/edit#heading=h.hy017y8xp7fo
IP Assignments:
- WAN IP (synonymous with fw interface 1/em0): 10.0.17.112/24 (upward gateway: 10.0.17.2)
- LAN IP (synonymous with fw interface 2/em1): 10.0.5.2/24
- WS IP: 10.0.5.100/24
- WS Default gateway: 10.0.5.2/24
Setting up a firewall:
- 2 network interfaces: 1 to WAN (upstream) and 1 to LAN
- using PfSense: assign correct interfaces to WAN and Lan (ex. em0 and em1) in "Assign Interfaces" menu
- cross-reference MAC addresses for assurance
- set interface IP addresses (default gateway for WAN and LAN address for LAN)
Troubleshooting
- At first, the firewall could not ping champlain.edu. To fix this, I changed the firewall name in pfsense to fw01-rune rather than fw1-rune for consistency.
- At first, powershell could not ping google.com. I tested a few things, and the default gateway, the upstream address, and 8.8.8.8 were all reachable, so I realized the workstation was not able to access DNS despite the pfsense configurations being correct. I ended up having to restart both VMs (wks01 and fw01) from scratch to fix the issue after retrying pfsense configurations too many times made the address unreachable.
Reflection
I had some difficulty during the setup of this lab that I did not find the cause of and had to redo it a few times for it to start working correctly because messing around with too many things inadvertently made it so that I could not retrace my steps and fix my work. Still, overall, everything seems to be working smoothly at this point and I have gained confidence in some initial setup steps of VMs and computer networking.