Skip to content

Lab 1.1 Routing and DMZ

Jump to bottom
dthomsen116 edited this page Jan 23, 2023 · 3 revisions

Thomsen Tech Journal

Stated Goal of the Assignment

Create a Tech Journal for the Lab 1.1 Routing and DMZ Lab.

Useful Commands

List out any commands that were used or found to be helpful during the process.

VyOS commands

firewall-cmd

used to list services or allow ports to open.

--add-port=PORTNUM/(UDP/TCP)

--list-all

logger -t test TEST

using the logger utility to send a syslog message

Steps from the Process

Document any notes that were taken while working on the assignment.

  1. Config Basic Routing on fw01 using Vsphere nework settings as well as using VyOS to config it all (interfaces, gateway, DNS, Hostname).

  2. Config Web01

  • Set the IP/Netmask, Gateway, DNS Servers, Hostname, Add Users.

  • Ping google to test that this was done properly.

  1. Configuring fw01 for NAT and DNS Forwarding on fw01.

  • This step seems more daunting than it is. The Commands are listed in the VyOS useful commands.

  • Must also config fw01 for DNS forwarding using the set service dns forwarding Vyos Command

  1. Config log01

  • Set the IP/Netmask, Gateway, DNS Servers, Hostname, Add Users.

  • Ensure you have set the hostname of web01 and log01 to web01-yourname and log01-yourname respectively, & create a sudo user on both.

  1. Configuring httpd on web01
  • Add ports 80 and 443 for the server
  1. Testing httpd on web01 from rw01
  • Create a static route in order to send any addresses in the DMZ to the Firewalls WAN interface
  1. Configuring rsyslog services on log01

  • install rsyslog and edit the /etc/rsyslog.conf file in order to allow the port 514 to be used.

  • Open port 514/tcp and 514/udp

  • Create the /etc/rsyslog.d/sec350.conf and restart the rsyslog service

/etc/rsyslog.d/sec350.conf should contain one line: user.notice @IPofSYSLOGSERVER

  • Use logger to send syslog messages
  1. SSH from rw01->web01->log01

Additional Notes

Include any additional notes or observations made while working on the assignment.

"Take notes on the configuration steps necessary to create a syslog server and a syslog client."

  • Steps 7 and 8 listed above

Troubles Encountered

**List out any issues that were encountered while working on the assignment. **

I had run into issues with both steps 6 as well as step 8. The issue of connecting to the webpage was solved but as of making this document, I was unable to get the ssh working.

For Step 8, I had run into permission issues between the boxes. I kept recieving "permission denied" when trying to ssh. I am unsure of why this is as both of the accounts being used had sudo access and the ssh port was open. The most likely outcome for why it is not working is inconsistency between accounts and boxes. The named sudo account on rw01 does not have a proper directory so champuser is the account that was being used.

Resolutions

If any issues were solved, list out the resolutions for each problem.

For Step 6, I had difficulties getting the webpage to show up on the rw01 box. I am unsure of the exact problem I encountered, but it was solved after some trial and error while going over the webserver config, the static route put in place on rw01, as well as the network settings for both boxes. I had reset all of the services being used and then switched to chrome as well. Some piece of this troubleshooting had led to the webpage to work properly in the end.

For Step 8, I was able to solve the issue of SSH not working. I had incorrectly set my gateway when making a static route for my rw01 box. After changing it to the proper address, it worked perfectly.

Further Questions

List out any questions that arose while working on the assignment.

N/A

Clone this wiki locally