Hey, everyone, welcome back. So
what we did previously before we move forward with this lab is
we got a chance to take a look at the lab environment
firewall, got a Windows 8 machine, and we got a Kali Linux machine
on the pfSense firewall. We assigned IP addresses to the three interfaces that we had available to us. We had a WAN interface, a LAN interface and the OPT1 interface, or our DMZ. Now, during that wizard or guide to set up those interfaces
we selected no for a few things, right, DHCP,
We also didn't want to revert our changes after we assigned those IP addresses to those interfaces. And what we were able to see is, once we actually,
you know, signed onto the pfSense web console, was we had three interfaces up and running. And then we went ahead and moved forward and made sure that we didn't make any changes, because clearly, we just want to see these interfaces
up and running. And we want to see how filtering works inbound, outbound
and so on. And so we want to make sure that we don't block private networks. Right? Whether you're at home or you're in an office or at work,
you're gonna be on a 10 network, 172.16 or 192.168. And so we want to make sure that we're not blocking those private networks. And we made sure that we checked that for our WAN, our LAN and our DMZ. So now we want to move forward and see if we could test connectivity
between these separate zones now that we have a firewall
up and running. So we're gonna move over to our Kali machine
and, signing in, we're gonna see if we could ping
And we talked about ping, right, in section when we talked about our ability to use the Internet Control Message Protocol as a diagnostic tool to see if the host is reachable, to get our echo reply out there and hopefully get an echo request.
Right, so we're gonna continue that effort now that we've got a pfSense firewall
up and running and that we have three separate zones. We'll determine right now whether or not we can actually ping something in a different segment or zone.
in a different zone and see what we get.
And as you can see, this doesn't look good. I'm not getting that echo reply that I'm hoping for. And that's a couple of things: that particular host in that separate zone could be down. Or
it could be that our firewall is not allowing this type of traffic to get through to its other zone on a separate interface. Right? So we can now go back to our pfSense
web console and we can see if we need to set up a rule or if there's a rule already there, which is potentially blocking what we're trying to achieve from this Kali machine.
so we know their firewalls. We're gonna make our way over to the rules area.
is that we don't have
any rules set up for our WAN to allow ping, or Internet Control Message Protocol, activity.
And so we're gonna go ahead and create a rule that will allow
the very action that we just attempted to do, okay.
And pfSense does a really good job of kind of breaking down the rule set. You know, what do we care about? What's the action here? We want to make sure that the action passes through, right? The ping request can pass through the LAN interface and get to that device that we want to see is up or that we want to communicate with.
Again, the interface that we want this rule to be on is our LAN.
And the protocol we're interested in is ICMP, which is gonna be responsible for our ping. Okay. And then we want to give it a name. It's very important to be descriptive, right? This is gonna allow us to, uh, quickly
understand what rule was put in by what administrator or what we did, you know, months ago, right?
It's a really good way to measure once
or just measure twice and cut once when you're working on things that could change a network so dramatically.
All right, so we've done that. We're gonna now apply the changes. It's very important that we apply changes. The cool thing about a lot of firewalls is they do this: you make a change, but it won't go into effect until you actually apply the change. Just again, measuring twice, cutting once. Okay, so now that we've got that rule in place,
what we can do is we can go back to that Kali machine
and see if that action of ping
And there you have it. So now my echo reply is getting that, or that my echo request is now getting that echo reply, which is what we wanted. So that's all possible because we have that firewall that is in between these zones, and we created a rule that allows
for filtering, right?
So other protocols or traffic would probably be blocked. But this particular protocol, ICMP, which you can see here in the actual replies, is coming through. And we know that that machine is up and well and that the reason why we can't get to it wasn't because the host was down,
but because the firewall said,
No, you can't. There was no rule there, and we were being denied.
So we're gonna move on now, and what we can do is actually we could repeat those same rules right on the actual pfSense web console if we wanted to. All right. We see here on the LAN, though, however, that we don't necessarily have to do that. And it's gonna be really important that we have an understanding of
how to actually read firewall rules,
right? You could see that the protocol here is IPv4, which is what we're working with
because we chose not to do much with IPv6 in terms of those interfaces and assigning IP addresses to them.
You see that the source that we're trying to affect here is the LAN itself, the LAN network. There's a wildcard for the port,
the destination as well as the port number. And so we know that pretty much anything is allowed on this LAN. So if we try to ping a computer on the LAN, it's going to work. We go over to the OPT1 or the DMZ, and we don't have one, so we could go ahead and make one just like we did for the WAN.
and we'll give it another descriptive name, Allow P
right. It can always be descriptive to understand what it is that you're trying to accomplish.
Apply those changes and we'll close that.
Now, the next thing that I really want us to focus on is just again creating more rules that will allow us to see how the firewall works and how we could manipulate it to do business and to do it securely. So we're gonna try to create SSH access to a DMZ.
Okay, so stay tuned for that, I'll be right back.
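
Added example, not part of the original lecture: a simplified Python model of how per-interface firewall rules are read, with the first matching rule winning and an implicit default deny when nothing matches. The interface names come from the lab; the IP addresses, the placement of the Kali machine behind the WAN interface, and the function names are assumptions made for illustration.

```python
# Toy model of per-interface, first-match rule evaluation with an implicit
# default deny. Interface names come from the lab; addresses are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str            # "pass" or "block"
    proto: str             # "icmp", "tcp", "udp" or "any"
    src: str               # source network in CIDR form, or "any"
    dst: str               # destination network in CIDR form, or "any"
    dport: object = "any"  # destination port number, or "any"
    descr: str = ""        # the descriptive name the lecture asks for

def _net_ok(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def evaluate(ruleset, iface, proto, src, dst, dport=None):
    """Return (action, description) for a packet entering on `iface`."""
    for r in ruleset.get(iface, []):
        if (r.proto in ("any", proto) and _net_ok(r.src, src)
                and _net_ok(r.dst, dst) and r.dport in ("any", dport)):
            return r.action, r.descr         # first matching rule wins
    return "block", "implicit default deny"  # no rule matched

# Constructed sample addressing (assumption, not taken from the lab).
KALI, WIN8, DMZ_HOST = "10.0.1.50", "192.168.1.10", "172.16.1.10"

RULES = {
    "WAN": [],   # no rules yet: the first ping attempt is dropped here
    "LAN": [Rule("pass", "any", "192.168.1.0/24", "any",
                 descr="Default allow LAN to any")],
    "OPT1": [],  # DMZ: nothing defined yet
}

def allow_ping(ruleset, iface):
    """Return a copy of `ruleset` with an ICMP pass rule added on `iface`."""
    new = {k: list(v) for k, v in ruleset.items()}
    new[iface].append(Rule("pass", "icmp", "any", "any",
                           descr=f"Allow ping on {iface}"))
    return new

if __name__ == "__main__":
    print(evaluate(RULES, "WAN", "icmp", KALI, WIN8))         # before the rule
    after = allow_ping(RULES, "WAN")
    print(evaluate(after, "WAN", "icmp", KALI, WIN8))         # after applying it
    print(evaluate(after, "WAN", "tcp", KALI, DMZ_HOST, 22))  # SSH still denied
```

The model ignores connection state and anything beyond a single interface's rule list; it only shows why the ping failed with no rule present and why other protocols stay blocked after the ICMP rule is added.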