Virtual IP Network

Windows Server 2012
Windows 08
Dual Subnets
Virtual Network Setup
• Virtual Box as network simulator
• Set up pfSense as a firewall and router
192.168.254.254 Frontier Router
192.168.254.xxx
Roeten PC Win7
Running Virtual Box software network simulator
2 physical NICs
SSD used as disk for speed
WAN 192.168.254.43
LAN 192.168.1.1/24
Roeten PC Win7
Running pfSense software – acts as firewall and router.
Virtual LAN to Virtual Machines
Microsoft Server 2012 setup
• Base server 2012, Win08 setup
• Server 2012, Win08 Clones
• pfSense datafill networks, 1st NIC for internal network, 2nd bridged to external
Sub Network 1
192.168.2.20 2012 Server
Sub Network 2
192.168.1.10 Clone Server
192.168.1.25 Win08 PC
192.168.1.15 Clone Win08 PC
192.168.1.21 Clone Server
192.168.1.11 Clone Server
192.168.1.26 Clone Win08 PC
192.168.1.16 Clone Win08 PC
Highlights pfSense Setup
• Set up adapter 1 as Network Adapter. This will be our WAN port in pfSense.
• Set up adapter 2 as Network Adapter. This will be our LAN port in pfSense.
• LAN IPv4 – Allow LAN access to any rule.
• NAT Firewall Rule – The important rule is a NAT rule that allows pfSense to port forward the MSRDP port 3389 to the VMs. That is, allow outbound traffic to pass from Network A to any network.
Highlights of Virtual Setup
• Install Windows 2012 with .ISO. Then install Windows Active Directory (AD) and shut down. Considered Base.
• Install Windows 08 with .ISO and shut down. Considered Base.
• Shutting down the base machines allows a stable base for VMs.
• Each VM can now run its base machine .ISO and will only need to save the changes it makes by saving snapshots to .vdi
• Create several Windows 2012 linked clones due to future Active Directory needs.
• Create a few Windows 08 linked clones for future use.
Highlights Active Directory Setup
• Previously installed AD on the base machine and automatic upgrade to a Domain Controller (DC)
• Create a domain Contoso.com
– The AD is integrated
• Add Active Directory Domain Services (ADDS) server
– From database authenticates users at login, resource changes, etc.
• Add Active Directory Certificate Services (ADCS) server
• Add Domain Name System (DNS) server
– Its FQDN is Base2012.Contoso.com
– Computer name resolution to an IP address, etc.
• Add Dynamic Host Configuration Protocol (DHCP) server
– Automatically leases IP addresses to clients, instead of manual setup.
Virtual IP Network With AD
• Select view of network
Sub Network 1
192.168.1.10 Base2012 Server
DNS 192.168.1.10 (self)
GW 192.168.1.10 (LAN)
Domain Contoso.com
AD, ADDS, ADCS
DNS
DHCP
Sub Network 2
Clone of Base2012 server
192.168.2.10 Base2012Clone3
DNS 198.1.10 (subnet 1 AD)
DHCP no
GW 192.168.1.1 = LAN
192.168.2.11 Base2012Clone4
192.168.1.11 Base2012Clone2
192.168.1.15 BaseWin08 PC
DNS 192.168.1.10 = Base2012
DHCP no
GW 192.168.1.1 = LAN
192.168.1.16 BaseWin08Clone1
192.168.2.15 BaseWin08Clone2
192.168.2.16 BaseWin08Clone3
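An offline sanity check of the address view above, added here as an example and not part of the original slides: it flags malformed addresses, hosts outside the lab subnets, and default gateways that are not on the host's own subnet. The rows are transcribed in slide order; the /24 mask for 192.168.2.0 and the `parse`/`audit` names are assumptions.

```python
import ipaddress

# Lab subnets. 192.168.1.0/24 is stated on the slides (LAN 192.168.1.1/24);
# the /24 mask for 192.168.2.0 is an assumption.
SUBNETS = [ipaddress.ip_network("192.168.1.0/24"),
           ipaddress.ip_network("192.168.2.0/24")]

# Rows transcribed from the network view above: (name, ip, dns, gateway).
PLAN = [
    ("Base2012",       "192.168.1.10", "192.168.1.10", "192.168.1.10"),
    ("Base2012Clone3", "192.168.2.10", "198.1.10",     "192.168.1.1"),
    ("BaseWin08",      "192.168.1.15", "192.168.1.10", "192.168.1.1"),
]

def parse(value):
    """Return an IPv4Address, or None when the text is not a full dotted quad."""
    try:
        return ipaddress.IPv4Address(value)
    except ipaddress.AddressValueError:
        return None

def audit(plan, subnets):
    """Return a list of (host, finding) tuples for a static address plan."""
    findings = []
    for name, ip, dns, gw in plan:
        addr, dns_addr, gw_addr = parse(ip), parse(dns), parse(gw)
        # Report every field that does not parse as an IPv4 address.
        for label, raw, parsed in (("ip", ip, addr), ("dns", dns, dns_addr),
                                   ("gateway", gw, gw_addr)):
            if parsed is None:
                findings.append((name, f"{label} '{raw}' is not a valid IPv4 address"))
        if addr is None:
            continue
        # Find the lab subnet this host belongs to.
        net = next((n for n in subnets if addr in n), None)
        if net is None:
            findings.append((name, f"ip {addr} is outside every lab subnet"))
            continue
        # A default gateway must be a different host on the same subnet.
        if gw_addr is not None:
            if gw_addr == addr:
                findings.append((name, "gateway is the host's own address"))
            elif gw_addr not in net:
                findings.append((name, f"gateway {gw_addr} is not on-link for {net}"))
    return findings

if __name__ == "__main__":
    for host, finding in audit(PLAN, SUBNETS):
        print(f"{host}: {finding}")
```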
Verify Sub-Networks Interact
• Verify Network 1 can communicate with Network 2 and external network. Vice versa for Network 2.
• From network 1 open command prompt window verify ping response from network 2, pfSense IP, Google.com
• From network 1 open command prompt window verify ping response from network 2, pfSense IP, Google.com
• Verify can ping DHCP and DNS from random servers and PCs.
• Verify can log in to pfSense
• LDAP configuration allows Windows Server 2012 and pfSense to communicate, which allows AD to verify information.
Additional AD Setup
• Create a Group Policy Object (GPO)
• Link to domain GPO
• Add users and computers with read privileges
• Add domain users and domain computers with read privileges
• Add Domain and Enterprise Admins with edit privileges
• Create an OU (Organizational Unit) and attach to GPO
Project Goals
• As an MCSE certified engineer, apply knowledge and create a network with sub-networks
• Learn new software - pfSense, Virtual Box
• Learn hardware (virtual) configuration
• Configure an AD from the ground up