Lab 00: Routing and Windows

3 Terms I found Confusing

• This course mostly repeats everything we did in SYS255 so far so there isn't really much that's too confusing about our environment yet.

1. sconfig Telematry settings

• It seems like this is used for system monitoring. It collects data on the system for diagnostic purposes. https://www.thewindowsclub.com/windows-10-telemetry

2. Server Manager Hyper-V management tools

• Looks like you can manage Hyper-V hosts via Windows Server manager, which is pretty cool. Would be interested to explore this a little more and try this out as opposed to VCenter and Proxmox. https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/manage/remotely-manage-hyper-v-hosts#manage-hyper-v-on-a-local-computer

3. Reverse DNS zone name format

• One thing I've been confused on since 255 is why the DNS reverse lookup zones are formatted with the "in-addr.arpa" format at the end. According to this website, it is the reverse entry for the top level domain of the internet used specifically for reverse lookups. https://networkengineering.stackexchange.com/questions/23318/dns-resolutionbackwards-ip-address-in-addr-arpa

Fw01

• This is a PfSense router which means we can web manage it after initial setup.
• Before boot, make the first network adapter set to the WAN and the second to our LAN. Boot the system up. Make the adapter names em0 and em1 respectively.
• Set em0 to the network address you were assigned, and the upstream address to 10.0.17.2. Don't use IPv6 or DHCP or anything like that.
• Set em1 to 10.0.5.2

Wks01

• Network it on the LAN network.
• Boot it up, and go to accounts and create a new admin user with your name. Log out and delete the champuser.
• Give it the IP 10.0.5.100/24, and gateway/DNS of 10.0.5.2.
• Set the hostname to wks01-firstname
• Go to http://10.0.5.2 to set up the firewall now.
• Set the hostname to fw01-firstname, domnain to firstname.local, primary DNS to 8.8.8.8, unckeck block RFC1918, and finish. You should be able to ping the internet now.

Ad01

• Set this to be on the LAN network before booting!
• Once it boots, it'll ask for a password change. After doing this and getting to a terminal, type sconfig to bring up to configuration menu.
• Set the IP to 10.0.5.5/24, with a gateway and DNS of 10.0.5.2. Make sure to set the hostname to ad01-firstname as well. It will need to reboot.
• Now run the following:

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName firstname.local

Mgmt01

• On this machine, open up an administrator powershell window. Enter sconfig again to change the network settings. You can also just do this manually in network and sharing center since this is a GUI version of Windows Server 2019.
• Set the IP to 10.0.5.10/24 with a gateway of 10.0.5.2 and DNS of 10.0.5.5. Set the hostname to mgmt01-firstname and join it to the firstname.local domain now. Reboot the system when prompted, and when logging back in log in as the user "Administrator" on the new domain with the password you created for Ad01.
• Open up Server Manager and in Tools, Add Roles and Features. Install the following:
  • ADDS and AD LDS
  • DHCP Server Tools
  • DNS Server Tools
  • File Services Tools
• Add Ad01 as one of the managed servers as well in Server Manager.
• Open Active Directory Users and Computers and under the Users tree, create two named users called "first.last" and "first.last-adm" - add the .adm account to the Domain Admins group.
• Open DNS Manager and create a new reverse lookup zone for 10.0.5. Now in forward lookup zones, create a zone called "first.last" and add a new A record for fw01-firstname. Make sure that you check the box to create a matching PTR record. Go back into reverse lookup zones and add PTR records for ad01 (10.0.5.5) and mgmt01 (10.0.5.10).
• Log out and you should now be able to log in as the -adm user you created!