4.2 Connecting the Network

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
6 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
>> Welcome back to the Cybrary course
00:00
in building your infosec lab.
00:00
I'm your host and instructor, Kevin Hernandez.
00:00
In our last few lessons,
00:00
we started finishing and installing all of
00:00
our applications regardless of
00:00
whether we're going to utilize them or not.
00:00
In our scenario, we installed QRadar,
00:00
OSSIM and Splunk as our SIEM tools.
00:00
For firewalls, we installed pfSense and IPFire.
00:00
We also installed three OSs: CentOS,
00:00
SIFT, Forensics, and Kali.
00:00
In today's lesson, we will start connecting our lab,
00:00
putting all those pieces together.
00:00
First of all, we're going to start
00:00
>> configuring our VLANs
00:00
>> so we can install and use our firewall.
00:00
In this case, we'll be utilizing pfSense.
00:00
[NOISE] Now before we start connecting our network,
00:00
let's take a quick look at diagram.
00:00
You can see our expectations are to have
00:00
modem to our smart switch in Port 1.
00:00
Then for Port 2, that will go straight to our firewall,
00:00
which then return as well from Port 2 with the VLANs.
00:00
We also have Port 7 in the router and
00:00
Port 8 in the desktop's computers, etc.
00:00
This is where it's going to get hilarious for you
00:00
and heartbreaking for me being honest with you.
00:00
Let's open Excel real quick.
00:00
If you look at this, we have eight ports, [NOISE] 1-8.
00:00
We're using one, two and we're using seven and eight.
00:00
[NOISE] I spent probably the best of
00:00
30 hours or so trying
00:00
to figure out why I couldn't get this to work.
00:00
What happened was that,
00:00
for some reason or another,
00:00
I switched the ports on the router itself,
00:00
the switch, I flipped it.
00:00
Therefore, what I thought was Port 1 and 2
00:00
was actually Port 7 and 8 or 8 and 7.
00:00
Therefore, when I was making my VLANs
00:00
>> during the weekend,
00:00
>> I was creating rules as if
00:00
the Internet was coming from my desktop,
00:00
and my DHCP should be my modem.
00:00
I have them completely inverted.
00:00
The reason I noticed this was actually
00:00
because instead of using this diagram like I did,
00:00
I start disconnecting things
00:00
and keeping it as simple as possible.
00:00
I set it up like this.
00:00
Then instead of using Port 8,
00:00
[NOISE] I put my desktops and my computers in Port 3.
00:00
This is where it hit me. Because once I
00:00
got to my port status,
00:00
once I eliminated all those variables,
00:00
I noticed that I was not looking at Ports 1, 2, 3.
00:00
Instead, I was looking at Port 8, 7, and 6.
00:00
I was like, ''Wait, what's happening?''
00:00
That's when I realized all those hours of
00:00
troubleshooting, looking for ideas,
00:00
talking to other experts in the field that I
00:00
made probably the biggest simplest error.
00:00
There isn't IT [inaudible]
00:00
make sure something is connected.
00:00
[LAUGHTER] Make sure you
00:00
look at your ports before doing anything else.
00:00
Don't assume that this is the first one on the top,
00:00
that is one, or because you thought you had it in one.
00:00
It is one because you can accidentally
00:00
flip it when you're moving around the switch,
00:00
and you will have the same issue I had.
00:00
Good finding, I guess,
00:00
and good troubleshooting that I moved the ports around.
00:00
If I wouldn't have moved the ports
00:00
around and I kept doing one and eight,
00:00
I would have never figured this out.
00:00
Now, if you can see here,
00:00
I'm going to log in into my smart switch right here.
00:00
Here's the port statuses.
00:00
This is where I noticed that I was in D3 instead of D3.
00:00
Now, I actually flipped them around and
00:00
made them where they're supposed to be.
00:00
Now, to connect the things,
00:00
we're going to need three things.
00:00
We're going to have access to a
00:00
>> NETGEAR or smart switch.
00:00
>> We're going to have also require
00:00
access to our ESXi [NOISE] and
00:00
our firewall, [NOISE] 168.1.1.
00:00
Now, if you had the ports inverted like I did,
00:00
none of this will work.
00:00
Just reaching this is a good sign.
00:00
Also, one key of
00:00
advice I'm going to provide you is always have
00:00
your network settings or
00:00
adapter options open here in "Properties" as
00:00
such [NOISE] because you're going to most likely need
00:00
this as well during the installation.
00:00
[NOISE] Let's go ahead and start creating those VLANs.
00:00
First of all, let's go into ESXi
00:00
[NOISE] and put the password.
00:00
There's little changes here from
00:00
what we originally configured in the beginning.
00:00
In the beginning, we created
00:00
a outside interface and an inside interface.
00:00
The only difference in this scenario is that we're
00:00
going to add an ID to that interface.
00:00
Let's give it a second for it to load.
00:00
There we go.
00:00
>> The way we do this is go into "Networking".
00:00
>> Select the Outside interface right here.
00:00
You can see it's only sent to pfSense.
00:00
You're going to edit
00:00
>> and edit the VLAN ID 30.
00:00
>> Now the thing is in order to add that into pfSense,
00:00
you do it through edit right here.
00:00
You click ''Add Network Adapter'' as we did in
00:00
the beginning and make sure Outside is there.
00:00
That's basically how you do it.
00:00
If you don't add this
00:00
second network adapter to anything else,
00:00
nothing else will have this VLAN.
00:00
As you can see here,
00:00
[NOISE] we're still only one IP up.
00:00
Let's go ahead and now that we have configured
00:00
the ports in ESXi,
00:00
let's go to NETGEAR and do the same.
00:00
For this, we're going to go to VLAN 802.1Q.
00:00
I'm going to do that port tracking,
00:00
and we're going to go to "Advanced" and enable it.
00:00
Hit ''Okay.'' Most likely, it'll take you
00:00
out to reenter your password.
00:00
If not, that means you haven't
00:00
>> timed out in a recording.
00:00
>> You're going to be presented VLAN ID 1,
00:00
and you'll have Ports 1 through 8.
00:00
Nothing out of this world.
00:00
Here, you have the memberships
00:00
or how you tag on tag ports
00:00
and the third one is the
00:00
grouping you're going to provide them, the PID.
00:00
First of all, when you work in these switches,
00:00
you have to add PID first there.
00:00
Then, you're going to come to
00:00
the second tab and organize
00:00
it like so and apply.
00:00
Then, you got to come through
00:00
the third tab and modify it as such.
00:00
You're going to come back to "Memberships."
00:00
Then, you remove it from here.
00:00
This is VLAN 1 is going to be
00:00
our regular network like insight network.
00:00
Therefore, you don't want the modem to
00:00
be part of the insight network.
00:00
That's the reason you disable it or remove.
00:00
Thirty, this is in tech,
00:00
and all the traffic you want to send from
00:00
this port is going to go straight to this port tag.
00:00
Now, let's go back into pfSense.
00:00
There we go. We're going to go to their interfaces WAN.
00:00
Then, we're going to click right here in the top right.
00:00
We going to release and renew our IP.
00:00
It just takes a few minutes,
00:00
especially for a renewal phase.
00:00
I'm not going to stop the video until it finishes.
00:00
Once it finishes renewing,
00:00
you will get an IP address.
00:00
Now, in this case, it looks
00:00
internal instead of external.
00:00
It's working, so I'm happy.
00:00
However, in my prior scenario,
00:00
the IP itself looks external, not internal.
00:00
I have to figure out what's happening in that scenario.
00:00
Now, if for example, when you're renewing,
00:00
it doesn't get an IP and it stays 0.0.0, in my case,
00:00
what helped me was as I click "Renew",
00:00
I dash into the room where I have my modem,
00:00
disconnect, reconnect, and once it reconnected,
00:00
I was able to get an IP.
00:00
You can see I have now Internet access.
00:00
Great. Click. You can see here.
00:00
This is my other course. [LAUGHTER]
00:00
>> It will greatly help you in your lab as well.
00:00
>> What exactly did we learn today?
00:00
First of all, we start configuring our VLANs,
00:00
reconfigured them both in
00:00
the ESXi as well as in our smart switch.
00:00
We went over the different groups
00:00
and the different tagging that needed to be required.
00:00
We also configured properly the interfaces
00:00
>> in pfSense as
00:00
>> our initial installation was more of
00:00
a dummy installation in
00:00
order to get the operating system up,
00:00
and familiarized ourselves with the dashboard.
00:00
Not only that, but we also showed how to release and
00:00
renew the lease of
00:00
your IP in order to make the installation complete.
00:00
Next lesson, we'll actually
00:00
start digging deeper into pfSense.
00:00
We'll look at some of its features, the functions,
00:00
and start enabling them in order
00:00
to make our lab more operational.
00:00
Remember, just because you're building a lab
00:00
>> to simulate the one in your work environment
00:00
>> doesn't mean you can enhance it.
00:00
Maybe some of those things that you discover during
00:00
your lab might make your experience
00:00
>> at work even better.
00:00
>> We want to dive as deep as possible and
00:00
get as much experience as we can
00:00
>> when building this lab.
00:00
>> The more things we install and get familiarized with,
00:00
the more comfortable we will
00:00
be when it comes to real-life scenarios.
00:00
Take a look into tools such as VPN,
00:00
[inaudible] proxy through Squid, IPS, etc.
00:00
Some of those you already
00:00
saw through the Extension Manager.
00:00
The real reason why I do this is because
00:00
we want to have the most bang for
00:00
the buck when it comes to
00:00
this next-gen firewall type of a plan.
00:00
I hope to see you soon. Have a great day.
Up Next