3467
Comment:
|
5488
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
= Lab 01 Virtual Machine (VM) Creation and Network Configuration = | = Lab 01 - Virtual Machine (VM) Creation and Network Configuration = |
Line 6: | Line 6: |
* Configure a network address translation (NAT) firewall using pfSense, | |
Line 18: | Line 17: |
1. Open internet explorer and to to https://samuel.cs.southern.edu 1. Select VMs (this will show any VMs that currently exist for you). 1. Select Deploy to deploy a new VM 1. Click Configure Cloud, and select the name of your cloud (Israel) 1. Select the pfSense template and click ok. 1. Click on the Configure Virtual Machine and set the "Virtual Machine Name" to: "CPTE427-'''username'''-pfsense" where you replace '''username''' with your school username. It is unneccesary to give the "computer name" at this time. 1. Click OK, Click Deploy at the bottom right. |
1. Start the SCVMM from a lab machine. 1. Find Clouds, Nimbus. 1. Right Click on Nimbus and select Create New Virtual Machine 1. Select the pfSense template and click ok, next. 1. Set the "Virtual Machine Name" to: "CPTR 427-'''username'''-pfsense" where you replace '''username''' with your school username. Click Next... until you get to Add Properties 1. Select an action to perform automatically when the virtualization server starts: "Turn on the VM if it was running..." 1. Select Next, Create |
Line 27: | Line 26: |
Repeat the process above for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu": | (Optional) Repeat the process above as directed for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu": |
Line 29: | Line 28: |
1. Ubuntu (Latest LTS) 1. Windows10 1. WindowsServer (2016) 1. Metasploitable (latest). |
1. Ubuntu Desktop 1. Windows Server (latest core) 1. Kali (Latest) 1. Metasploitable3 (ubuntu version Username=Password="vagrant"). |
Line 34: | Line 33: |
After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. | '''''After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. DO NOT CONTINUE BEYOND THIS POINT UNTIL YOUR NETWORK IS CONFIGURED BY Dr. A or the Student Lab Director (this year Esther)''''' __As an aside, here are the steps that we will do for you:__ 1. Add a second non-legacy network adapter to your pfSense box. 1. Connect the second network adapter to the Private VLANs network 1. Enable the VLAN and assign you one see NetworkConfiguration/VlanAssignments for VLAN assignments 1. Set the MAC address to static! |
Line 38: | Line 44: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/network.svg}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/network.svg}} |
Line 46: | Line 52: |
Start the pfSense VM and allow it to start with defaults. It will eventually ask you for some information like: | Start the pfSense VM and run through the install, accepting all the defaults. After the install reboot and then shutdown the system, why? Because we didn't take out the CD/DVD iso. After pfsense is shutdown, right click on the VM in SCVMM and select properties. Remove the ISO file from the DVD as shown below. |
Line 48: | Line 54: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-1.png}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-0.png}} Now you can boot pfSense backup and it should boot from your hard drive. It will eventually ask you for some information like: {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-1.png}} |
Line 52: | Line 62: |
{{http://db2.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-2.png}} | {{http://db.cs.southern.edu/videos/images/CPTR427/Lab01/pfSense-2.png}} |
Line 56: | Line 66: |
=== Windows 10 Setup === | === Ubuntu 20.04 Desktop Setup === |
Line 58: | Line 68: |
Bootup the Windows 10 machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense. | Bootup the Ubuntu Desktop machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. To setup remote desktop, check out [[Ubuntu]] |
Line 60: | Line 70: |
User: admin Psas: pfSense |
|
Line 63: | Line 71: |
You should be able to use the defaults for now. Just give your system a name and remember your IP. | You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense. * User: admin * Pass: pfsense You should be able to use the defaults for now except for the following notable exceptions. Just give your system a name and remember your IP. 1. Do not block private networks! You may also unblock bogon networks. 1. I would recommend giving your Ubuntu Desktop a reserved IP. You can do this through the DHCP service. 1. I would recommend that you install xrdp for remote desktop access to your Ubuntu Desktop 1. I would recommend that you forward RDP through to your Ubuntu machine so that you don't have to use lab machines to access your VMs all the time. |
Line 73: | Line 91: |
|| Edition || AVMA key || || Datacenter || {{{TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J}}} || || Standard || {{{C3RCX-M6NRP-6CXC9-TW2F2-4RHYD}}} || || Essentials || {{{B4YNW-62DX9-W8V6M-82649-MHBKQ}}} || |
|
Line 74: | Line 96: |
== Write-Up / Show == | |
Line 76: | Line 97: |
Show me the installs of each OS. And, using commandline only, show me the following: | == What to turn in == |
Line 78: | Line 99: |
1. IP Address 2. Show that DNS works by looking up google.com 3. Show the arp table. |
Create a video with voice over using your own voice, that shows the following for each system: 1. You can login (for pfSense use the website all others use ssh/remote desktop) 1. Show me that the system can access the web by bringing up a web page (for pfSense if any other system can access the web, that is proof enough). 1. For each OS (Ubuntu Desktop, Windows Server, Kali, Metasploit) using commandline only, show me the following: 1. IP Address, Subnet, Gateway and DNS 1. Show that DNS works by looking up google.com (use nslookup which is part of the net-tools package, do not use a web browser) 1. Show the arp table. |
Lab 01 - Virtual Machine (VM) Creation and Network Configuration
This lab contains information directions and exercises to teach you how to:
- Setup your VMs (specific to your class)
- Configure networking on the required VMs behind the firewall
- Use the commandline to find network information including
- IP address
- Hostname
- DNS information and
- Gateway all on BSD, Linux and Windows.
Creating the VMs
First we will setup the pfSense VM.
- Start the SCVMM from a lab machine.
- Find Clouds, Nimbus.
- Right Click on Nimbus and select Create New Virtual Machine
- Select the pfSense template and click ok, next.
Set the "Virtual Machine Name" to: "CPTR 427-username-pfsense" where you replace username with your school username. Click Next... until you get to Add Properties
- Select an action to perform automatically when the virtualization server starts: "Turn on the VM if it was running..."
- Select Next, Create
- Don't turn on the machine yet! Directions for setting up each machine are given below in the setup section.
(Optional) Repeat the process above as directed for the following VM templates (use the template name below for the Virtual Maqchine Name e.g. "CPTR427-scot-ubuntu":
- Ubuntu Desktop
- Windows Server (latest core)
- Kali (Latest)
- Metasploitable3 (ubuntu version Username=Password="vagrant").
After you have created all the virtual machines, see Dr. A and he will configure your NICs with the appropriate VLANs. If your machines have been started, you will need to turn them off at this point. DO NOT CONTINUE BEYOND THIS POINT UNTIL YOUR NETWORK IS CONFIGURED BY Dr. A or the Student Lab Director (this year Esther)
As an aside, here are the steps that we will do for you:
- Add a second non-legacy network adapter to your pfSense box.
- Connect the second network adapter to the Private VLANs network
Enable the VLAN and assign you one see NetworkConfiguration/VlanAssignments for VLAN assignments
- Set the MAC address to static!
Network Setup
This means that you can setup your interior computers. By default, pfSense sets up a DHCP server, so you shouldn't have to setup any network information on the clients yet.
Setting up the VMs
pfSense Setup
Start the pfSense VM and run through the install, accepting all the defaults. After the install reboot and then shutdown the system, why? Because we didn't take out the CD/DVD iso. After pfsense is shutdown, right click on the VM in SCVMM and select properties. Remove the ISO file from the DVD as shown below.
Now you can boot pfSense backup and it should boot from your hard drive. It will eventually ask you for some information like:
You can answer no to the VLANs question as shown above and then use the first Network Interface Card (NIC) for the WAN and the second NIC for the LAN. It will ask you one more time and you can leave it blank. Answer "y" if you believe that it is correct and it will boot. It should look something like the following:
If you should reboot at this point, it should not ask you again for configuration information, but come up directly to the screen above.
Ubuntu 20.04 Desktop Setup
Bootup the Ubuntu Desktop machine and go through the install process. pfSense automatically sets up DHCP, so you should have network access immediately. To setup remote desktop, check out Ubuntu
You can now open a browser, go to https://192.168.1.1 and finish setting up pfsense.
- User: admin
- Pass: pfsense
You should be able to use the defaults for now except for the following notable exceptions. Just give your system a name and remember your IP.
- Do not block private networks! You may also unblock bogon networks.
- I would recommend giving your Ubuntu Desktop a reserved IP. You can do this through the DHCP service.
- I would recommend that you install xrdp for remote desktop access to your Ubuntu Desktop
- I would recommend that you forward RDP through to your Ubuntu machine so that you don't have to use lab machines to access your VMs all the time.
Kali Setup
Install Kali linux.
Window 2016
Install Windows 2016.
Edition |
AVMA key |
Datacenter |
TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J |
Standard |
C3RCX-M6NRP-6CXC9-TW2F2-4RHYD |
Essentials |
B4YNW-62DX9-W8V6M-82649-MHBKQ |
What to turn in
Create a video with voice over using your own voice, that shows the following for each system:
- You can login (for pfSense use the website all others use ssh/remote desktop)
- Show me that the system can access the web by bringing up a web page (for pfSense if any other system can access the web, that is proof enough).
- For each OS (Ubuntu Desktop, Windows Server, Kali, Metasploit) using commandline only, show me the following:
- IP Address, Subnet, Gateway and DNS
- Show that DNS works by looking up google.com (use nslookup which is part of the net-tools package, do not use a web browser)
- Show the arp table.