Scribd Logo
Upload

Welcome to Scribd!

  • 3 views

    Lab 5b

    Uploaded by

    eeshkumarreddy.kancham

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Lab 5b

    Uploaded by

    eeshkumarreddy.kancham
    3 views23 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    3 views23 pages

    Lab 5b

    Uploaded by

    eeshkumarreddy.kancham

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 23

    Lab 5B

    Cyberspace security

    Sheridan College Institute of Technology and Advanced Learning


    Faculty of Applied Science and Technology

    Eesh Kumar Kancham


    Student Name (s) ________________ Student Number __________________ Date ___________

    Introduction
    Pfsense is a free and open-source Unix-like operating system that powers existing servers, desktops, and
    embedded platforms. To create a dedicated firewall/router for a network, it is installed on a physical computer or
    a virtual machine. It can be upgraded and managed using a web-based interface, and managing it does not need
    understanding the underlying FreeBSD system.

    Objectives:
    In this lab, we will deploy Pfsense firewall, setup WAN and LAN interfaces, use the default gateway of the server
    and the workstation and set up a deny rule for social media.

    Instructions:
    ● Before Starting Installing Firewall Pfsense, go to the Virtual box, change the network adapter of windows server 2016
    and windows pro 10 workstation to “Host-only” on both (they will be in a private or internal network).
    ● Set the same previous static IP address for both the server and the workstation as shown in Figure 1 and add an IP
    address to the gateway.
    ● Download Pfsense as ISO file from this link https://www.pfsense.org/download/
    ● Choose architecture “64-bit”, installer type as “ISO image”, choose the closest mirror as “New York”.
    ● Remember to extract the Pfsense file using WinRAR pogrom.

    ● Create a new virtual machine on the virtual box for the firewall. Type a name for the Pfsense and load the ISO file
    then click next.
    ● Note: In the Type, you need to make sure that you select BSD as the type and FreeBSD (64bit) as the version. Click
    start to insert the ISO file.
    • Choose the default settings of the memory and hard disk, then next.

    ● Remember, to apply the configuration process, you have to create two network adapters for the Pfsense VM inside
    the virtual box. One adapter will be configured as NAT and the second adapter will be configured as Host Only. The
    adapter configured as the host only will serve as the default gateway for the Windows virtual machines. The NAT
    adapter will receive packets from the internet
    Figure 1
    ● Accept the user agreement and then start install pfsense as shown in the screen below.
    ● Continue the default Pfsense setup

    ● click spacebar and then enter


    ● Power off the pfsense VM. Go to the VB and remove the ISO from the virtual drive so that it won’t auto load in the
    next boot.
    ● Make sure:
    - under settings for the Pfsense VM change the Type: to “BSD” and the Version: to “Free BSD (64-bit)”

    PFsense IP address Configuration


    In the screen below, it shows that the IP address of the WAN and LAN are set by default, we need to change them
    to the following:
    - In case of only on interface is shown then enter “1” and enter, to set interface(s) IP address, otherwise
    enter option 2 to set the interface(s) IP addresses of the firewall (Pfsense) then press enter.
    - Enter option 2, as long as you have a WAN as external network and LAN as internal network, configuring LAN with
    IP address 192.168.1.10

    - selecting subnet mask : 24

    ● Press “Enter” on keyboard for none


    ● Press “Enter” on keyboard again for none (we do not want to assign a LAN IPv6 address)
    ● Input “n” to disable DHCP server on LAN
    ● The configuration is complete, press “Enter” to continue.

    Ping host
    ● Input “7” and press “Enter” and then input the IP address “192.168.1.10” and do the test connectivity.
    ● The "Ping" function in pFsense allows you to test the connectivity between pFsense and another device on the
    network. We can ping the gateway IP address.
    ● In Windows 10 vm, Ping 192.168.0.10 to verify that there is successful communication between the Host and
    Firewall

    PFsense Portal log-in


    The pFsense portal login is the web interface that allows you to manage and configure the pFsense firewall/router. It is a
    web-based graphical user interface that provides access to all the configuration options and settings for the pfsense
    firewall/router.
    ● Go to the server and open the Google Chrome web browser and in the URL, input the IP Address “192.168.1.10”.
    you may need to change the Adapter 1 settings of the firewall to bridged and change Adapter 2 settings to
    Host-only to access the internet.

    ● Go to the server and login to the Pfsense website using: admin, pfsense as the user’s name and password
    respectively.
    ● Do the wizard setup and then go to Alias to create a rule for blocking the social networks.
    ● Click next and continue the default setup, you will be directed to the Dashboard page that has a summary of the
    pFSense installation and settings
    ● selecting Aliases from firewall dropdown menu

    ● click on add for adding a rule to block social network

    ● Also adding administrator to the Aliases


    ● successfully added the admin and Instagram details

    ● adding new rule to block Instagram.


    ● selecting action as a Block, Address family as IPv4 and any protocol

    Note:
    - In the action choose block
    - In source choose LAN net.
    - In destination choose “single host or alias”
    - destination Port range: any
    - Put description: block social media
    - Click save the apply changes
    ● Test the firewall rule and show the social media network was blocked on your virtual machine
    Checking connection between vms

    Checking the devices connected in the 2016 server


    Downloading pfsence zip and 7zip to unzip

    Unziping the iso


    Creating and installing pfsence
    Configuring pfsence with the 2016 server ip (eesh.com)
    Connecting to pfsence from 2016 server browser using ip 192.1681.10
    Instagram working before implementing firewall
    Finding ip of instagram and implementing blocking using pfsence
    After blocking instagram ip the site does not work

    You might also like