Question: Firewall Troubleshooting Type or paste question here Any help is greatly appreciated, am utterly lost. A03 Firewall Troubleshooting 10 points Turn in a Word or
Firewall Troubleshooting
Type or paste question here
Any help is greatly appreciated, am utterly lost.
A03 Firewall Troubleshooting 10 points Turn in a Word or PDF document to the D2L Dropbox Overview In this lab you will be auditing and troubleshooting firewall rules in a pfSense firewall. You'll be reconfiguring the rules as necessary to meet certain business requirements. Credentials . pfSense O admin o pfsense Linux Servers O root o Password1! Windows Machines ODSU o Password! Network Overview The network has the following machines: LAN FSD_Admin: Configured with DHCP DMZ o FSD_Server1: 64.42.152.100 o FSD_Server2: 64.42.152.101 WAN o Internet: 24.220.182.100 The interfaces on pfSense are configured as follows: emo: WAN: 24.220.182.102/24 em1: LAN: 64.42.99.1/24 em2: DMZ: 64.42.152.1/24 Your Task Analyze the firewall rules already in place. Make a determination if the rule should be modified in any way to fit the requirements below. o fill out the table below to provide comments on the existing rules. Make notes of what the rule does, what is wrong with it if anything, and why it should be kept as is, modified, or deleted completely. Fix the firewall rules on the three interfaces to fit the requirements below. Note that a single requirement may not necessarily equate to a single firewall rule. Original Rules Floating WAN LAN DMZ Rules (Drag to Change Order) States Protocol Source Port Destination Port Gateway Queue Schedule Description Actions X 0/DB RFC 101B networks . Black private network Black bagon networks Reserved Nat assigned by IANA X D/OB IPv4 TCP WAN net none WR1 Block norr trusted from internet 00 0/DB IPv4 TCP WR2: Internet Server and Server2 HTTP OMZ address 09 443 HTTPS O DOB IPv4 TCP/IP 3388 3388 WR3 Block ROP 0/DB IPv4 PFSYNC . . . . none WR4: Allow pfSense to function on the internet 1.00 Floating WAN LAN D MZ Rules (Drag to Change Order) States Protocol Source Port Destination Part Gateway Queue Schedule Description Actions 1/8.37 MB . . . LAN Address 443 90 Anti-Lockout Rule IP UDP 53 (DNS) WAN address none LR1: Allow DNS to the internet LRZ: Allow local subnet to ping IPIGMP. . none 0 0/08 * 0/08 D0/08 B0/08 0/08 IPv5- none 1.000 3.000 3.000 0 00 1.000 . 64 42 152 101/24 80-3389 none IP IP UDP TCP LR3 Permit trusted traffic LR4: Web and ROP to Server2 LRSLAN-Server Website . . 64.42.152.100 8 D (HTTP) . none Floating WAN LAN DMZ Rules (Drag to Change Order) States Protocol Source 0/DB IPv4 TCP - Gateway Queue Schedule Actions Port Destination DMZ net Port 80 (HTTP) Description DR1: Internet - Servers on port 80 none X * * DR2: Block all Outbound 0/DB 0/DB IPv4 TCP IPv4 ICMP !* WAN net 3.000 3.000 3.000 * * none DA3:Servers can ping the internet A03 Firewall Troubleshooting 10 points Turn in a Word or PDF document to the D2L Dropbox Overview In this lab you will be auditing and troubleshooting firewall rules in a pfSense firewall. You'll be reconfiguring the rules as necessary to meet certain business requirements. Credentials . pfSense O admin o pfsense Linux Servers O root o Password1! Windows Machines ODSU o Password! Network Overview The network has the following machines: LAN FSD_Admin: Configured with DHCP DMZ o FSD_Server1: 64.42.152.100 o FSD_Server2: 64.42.152.101 WAN o Internet: 24.220.182.100 The interfaces on pfSense are configured as follows: emo: WAN: 24.220.182.102/24 em1: LAN: 64.42.99.1/24 em2: DMZ: 64.42.152.1/24 Your Task Analyze the firewall rules already in place. Make a determination if the rule should be modified in any way to fit the requirements below. o fill out the table below to provide comments on the existing rules. Make notes of what the rule does, what is wrong with it if anything, and why it should be kept as is, modified, or deleted completely. Fix the firewall rules on the three interfaces to fit the requirements below. Note that a single requirement may not necessarily equate to a single firewall rule. Original Rules Floating WAN LAN DMZ Rules (Drag to Change Order) States Protocol Source Port Destination Port Gateway Queue Schedule Description Actions X 0/DB RFC 101B networks . Black private network Black bagon networks Reserved Nat assigned by IANA X D/OB IPv4 TCP WAN net none WR1 Block norr trusted from internet 00 0/DB IPv4 TCP WR2: Internet Server and Server2 HTTP OMZ address 09 443 HTTPS O DOB IPv4 TCP/IP 3388 3388 WR3 Block ROP 0/DB IPv4 PFSYNC . . . . none WR4: Allow pfSense to function on the internet 1.00 Floating WAN LAN D MZ Rules (Drag to Change Order) States Protocol Source Port Destination Part Gateway Queue Schedule Description Actions 1/8.37 MB . . . LAN Address 443 90 Anti-Lockout Rule IP UDP 53 (DNS) WAN address none LR1: Allow DNS to the internet LRZ: Allow local subnet to ping IPIGMP. . none 0 0/08 * 0/08 D0/08 B0/08 0/08 IPv5- none 1.000 3.000 3.000 0 00 1.000 . 64 42 152 101/24 80-3389 none IP IP UDP TCP LR3 Permit trusted traffic LR4: Web and ROP to Server2 LRSLAN-Server Website . . 64.42.152.100 8 D (HTTP) . none Floating WAN LAN DMZ Rules (Drag to Change Order) States Protocol Source 0/DB IPv4 TCP - Gateway Queue Schedule Actions Port Destination DMZ net Port 80 (HTTP) Description DR1: Internet - Servers on port 80 none X * * DR2: Block all Outbound 0/DB 0/DB IPv4 TCP IPv4 ICMP !* WAN net 3.000 3.000 3.000 * * none DA3:Servers can ping the internet
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help