Lab 01 - Virtual Machine (VM) Creation and Network Configuration
This lab contains information directions and exercises to teach you how to:
- Setup your VMs (specific to your class)
- Configure networking on the required VMs behind the firewall
- Use the commandline to find network information including
- IP address
- DNS information and
- Gateway all on BSD, Linux and Windows.
Creating the VMs
First we will setup the pfSense VM.
- Start the SCVMM from a lab machine.
- Find Clouds, Nimbus.
- Right Click on Nimbus and select Create New Virtual Machine
- Select the pfSense template and click ok, next.
Set the "Virtual Machine Name" to: "CPTR 427-username-pfsense" where you replace username with your school username. Click Next... until you get to Add Properties
- Select an action to perform automatically when the virtualization server starts: "Turn on the VM if it was running..."
- Select Next, Create
- Don't turn on the machine yet! Directions for setting up each machine are given below in the setup section.
(Optional) Repeat the process above as directed for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu":
- Ubuntu Desktop
- Windows Server (latest core)
- Kali (Latest)
- Metasploitable3 (ubuntu version Username=Password="vagrant").
After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. DO NOT CONTINUE BEYOND THIS POINT UNTIL YOUR NETWORK IS CONFIGURED BY Dr. A or the Student Lab Director (this year Esther)
As an aside, here are the steps that we will do for you:
- Add a second non-legacy network adapter to your pfSense box.
- Connect the second network adapter to the Private VLANs network
Enable the VLAN and assign you one see NetworkConfiguration/VlanAssignments for VLAN assignments
- Set the MAC address to static!
This means that you can setup your interior computers. By default, pfSense sets up a DHCP server, so you shouldn't have to setup any network information on the clients yet.
Setting up the VMs
Start the pfSense VM and run through the install, accepting all the defaults. After the install reboot and then shutdown the system, why? Because we didn't take out the CD/DVD iso. After pfsense is shutdown, right click on the VM in SCVMM and select properties. Remove the ISO file from the DVD as shown below.
Now you can boot pfSense backup and it should boot from your hard drive. It will eventually ask you for some information like:
You can answer no to the VLANs question as shown above and then use the first Network Interface Card (NIC) for the WAN and the second NIC for the LAN. It will ask you one more time and you can leave it blank. Answer "y" if you believe that it is correct and it will boot. It should look something like the following:
If you should reboot at this point, it should not ask you again for configuration information, but come up directly to the screen above.
Ubuntu 20.04 Desktop Setup
Bootup the Ubuntu Desktop machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. To setup remote desktop, check out Ubuntu
You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense.
- User: admin
- Pass: pfsense
You should be able to use the defaults for now except for the following notable exceptions. Just give your system a name and remember your IP.
- Do not block private networks! You may also unblock bogon networks.
- I would recommend giving your Ubuntu Desktop a reserved IP. You can do this through the DHCP service.
- I would recommend that you install xrdp for remote desktop access to your Ubuntu Desktop
- I would recommend that you forward RDP through to your Ubuntu machine so that you don't have to use lab machines to access your VMs all the time.
Install Kali linux.
Install Windows 2016.
What to turn in
Create a video with voice over using your own voice, that shows the following for each system:
- You can login (for pfSense use the website all others use ssh/remote desktop)
- Show me that the system can access the web by bringing up a web page (for pfSense if any other system can access the web, that is proof enough).
For each OS (Ubuntu Desktop, Windows Server, Kali, Metasploit) using commandline only, show me the following:
- IP Address, Subnet, Gateway and DNS configuration
- Show that DNS works by looking up google.com
- Show the arp table.