wiki:Cnbp2019/Agenda/LabSetup

Version 7 (modified by admin, 6 years ago) ( diff )

--

Lab Setup

In this Hands-on we will install all dependencies and basic network design. We will use Oracle Virtual Box and GNS3 software to virtualize the lab network.

All participants are grouped in to two as User A and User B and the group details including IP subnets can be found from here.

For each group;

  • User A needs to install GNS3 and Virtual Box
  • User B needs to install Virtual Box only

Both users must change their host machines (Laptop) ip address as per the above linked table and it is advised to use the wired network.

We will create virtual network on User A and related servers on User B due to RAM limitations on Physical Devices.

Virtualized appliances will be connected via UDP tunnels and these must be neglected for your actual physical installations.

Download Dependancies

  • Download Oracle Virtual Box from here
  • Download pfsense image from here ( only on User A)
  • Download GNS3 from here
  • Download Required router images
    • Image 1
    • Image 2
  • Download all server VM's on User B
    • OVA1
    • OVA2
    • OVA3

Following settings will need to be as it is with the changes only to the specified dynamic content.

Install Virtual Box

On both users, Install Virtual Box software with default settings, make sure you have enabled virtualization support from your host machine BIOS.

Import OVA files in to Oracle virtual box from File Import Appliance

While importing make sure to Tick reinitialize the MAC address of all your network cards.

This should import Virtual Machines for pfsense on User A and server machines + GUI on User B

As soon as you import vm's, change your vm network connections as follows;

  • User A : pfSense VM

Adapter 1:

Attached to: Bridged Adapter
Name: [[Your Physical Adapter Name]]
Promiscuous Mode: Allow All
Cable Connected

Adapter 2:

Attached to: Generic Driver
Name: UDPTunnel
Generic Properties:

dest=127.0.0.1
dport=30000
sport=20000

Cable Connected

Adapter 3:

Attached to: Generic Driver
Name: UDPTunnel
Generic Properties:

dest=127.0.0.1
dport=30001
sport=20001

Cable Connected

Note down all mac addresses as we need them to decide which port connects to which network later when installing pfsense)

  • User B : GUI VM

Adapter 1:

Attached to: Generic Driver
Name: UDPTunnel
Generic Properties:

dest=[[IPv4 of UserA]]
dport=30002
sport=20002

Cable Connected

  • User B : Server VM

Adapter 1:

Attached to: Generic Driver
Name: UDPTunnel
Generic Properties:

dest=[[IPv4 of UserA]]
dport=30003
sport=20003

Cable Connected

  • User B : Monitoring Server VM

Adapter 1:

Attached to: Generic Driver
Name: UDPTunnel
Generic Properties:

dest=[[IPv4 of UserA]]
dport=30004
sport=20004

Cable Connected

Install GNS3

On User A host machines, download latest GNS3 from local ftp link here and go through the installation steps from here

On first application load, cancel all wizards including Open Project wizard.

Go to Edit --> Preferences

Select Server on Left side menu and select Enable local server from Main Server tab if it is not selected already.

Click Apply

Select Dynamips --> IOS routers on Left side menu and New

Click Apply and Ok

Next go to File --> New blank project

Name the project as Campus Network and click OK


On your new project click on the fifth icon on your left corner menu Browse All Devices

Drag and drop following devices in to the design area

  • 2 x EtherSwith Router
  • 7 x Ethernet Switch
  • 5 x Cloud
  • 8 x VPCS

Next, right click on each Clouds and define following on its configurations (Right Click --> Configure );

  • Cloud-1
    • Misc:
      • Name: LEARN-Router
    • Ethernet Interfaces:
      • Select "Ethernet" and click "Delete"
    • Click "Apply" and "OK"
    • Again Right Click --> Change Symbol
      • Select the symbol called "router" from Symbols Library and Click "ok"
  • Cloud-2
    • Misc:
      • Name: pfSense-Firewall
    • Ethernet Interfaces:
      • Select "Ethernet" and click "Delete"
    • UDP Tunnels
      • Name: DMZ
      • Local Port: 30000
      • Remote host: 127.0.0.1
      • Remote Port: 20000
      • Click "Add" and create another as,
      • Name: LAN
      • Local Port: 30001
      • Remote host: 127.0.0.1
      • Remote Port: 20001
      • Click "Add", "Apply" and "OK"
    • Again Right Click --> Change Symbol
      • Select the symbol called "firewall" from Symbols Library and Click "ok"
  • Cloud-3
    • Misc:
      • Name: GUI-PC
    • Ethernet Interfaces:
      • Select "Ethernet" and click "Delete"
    • UDP Tunnels
      • Name: NIC1
      • Local Port: 30002
      • Remote host: [[IPv4 of UserB]]
      • Remote Port: 20002
      • Click "Add", "Apply" and "OK"
    • Again Right Click --> Change Symbol
      • Select the symbol called "Computer" from Symbols Library and Click "ok"
  • Cloud-4
    • Misc:
      • Name: Server
    • Ethernet Interfaces:
      • Select "Ethernet" and click "Delete"
    • UDP Tunnels
      • Name: NIC1
      • Local Port: 30003
      • Remote host: [[IPv4 of UserB]]
      • Remote Port: 20003
      • Click "Add", "Apply" and "OK"
    • Again Right Click --> Change Symbol
      • Select the symbol called "Server" from Symbols Library and Click "ok"
  • Cloud-5
    • Misc:
      • Name: Monitoring-Server
    • Ethernet Interfaces:
      • Select "Ethernet" and click "Delete"
    • UDP Tunnels
      • Name: NIC1
      • Local Port: 30004
      • Remote host: [[IPv4 of UserB]]
      • Remote Port: 20004
      • Click "Add", "Apply" and "OK"
    • Again Right Click --> Change Symbol
      • Select the symbol called "Server" from Symbols Library and Click "ok"

Right Click on other devices and "Change Hostname" as,

  • ESW1 :- FAC1
  • ESW2 :- FAC2
  • Ethernetswitch-1 :- FAC1-BLD1-FL1
  • Ethernetswitch-2 :- FAC1-BLD1-FL2
  • Ethernetswitch-3 :- FAC1-BLD2-FL0
  • Ethernetswitch-4 :- FAC2-BLD1-FR1
  • Ethernetswitch-5 :- FAC2-BLD2-FR1
  • Ethernetswitch-6 :- FAC2-BLD2-FR3
  • Ethernetswitch-7 :- DMZ

Then as per the given network diagram, connect your devices. Make sure you connect ports exactly as per the diagram.

Please note that the link between pfSense and the LEARN Router nodes are for illustration purposes only. You are not allowed to connect them via connections as both of them are cloud devices. As we are directly using a bridged interface for pfSense WAN, you may use a "Drawn line" to complete the diagram.

Attachments (1)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.