
Workbook

The document provides instructions for downloading and configuring a PNETLab network topology simulation. It includes prerequisites of installing Docker and having at least 4GB of RAM and 2 CPU cores. The topology involves configuring a Fortigate firewall, web server, switches and routers. Specific configuration tasks include setting interfaces, policies, routes and verifying connectivity. The goal is to permit certain internal users to access the internet and internal web server, while restricting other traffic and users.

Uploaded by

quyen101096

Download PNETLab Platform

PNETLAB Store
PNETLab.com

I. Prerequisites:
- Install the Docker Chrome device from the Device tab by clicking Get Device

- RAM 4 GB, CPU 2 cores

II. Topology

III. Question:
1. Configure Fortigate interface
2. Configure default route on Fortigate point to WAN Router
3. Configure policy on Fortigate:
   - Permit Admin and Marketing to the internet (ping 8.8.8.8)
   - Permit Admin to the Web-Server
   - Deny Marketing to the Web-Server
   - Deny the Web-Server to the internet

| No | Device     | IP            | Mgmt. account   |
|----|------------|---------------|-----------------|
| 1  | Fortigate  | 192.168.1.2   | admin/Admin123  |
| 2  | Web-Server | 192.168.201.2 | pnetlab/pnetlab |
| 3  | Internet   | 8.8.8.8       | pnetlab/pnetlab |


Solution

1. Configure Fortigate

FortiGate-VM64-KVM login: admin


Password:
You are forced to change your password. Please input a new password.
New Password: Admin@123
Confirm Password: Admin@123
Welcome!
FortiGate-VM64-KVM #
FortiGate-VM64-KVM # config system interface

FortiGate-VM64-KVM (interface) # edit port1

FortiGate-VM64-KVM (port1) # set mode static

FortiGate-VM64-KVM (port1) # set ip 192.168.1.2/24

FortiGate-VM64-KVM (port1) # end

Open the Mgmt PC (Docker Chrome) -> browse to http://192.168.1.2 -> log in with account: admin/Admin123

- Configure LAN interface

Interface -> Create new -> Interface


- Configure DMZ interface


- Configure WAN interface

Edit interface port3

- Configure default route to internet

Network -> Static Routes -> Create New


2. Configure SW, Router (already preconfigured in the lab)

SW_User
hostname SW_User
!
interface Ethernet0/0
switchport trunk allowed vlan 100,200
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/1
switchport access vlan 100
switchport mode access
!
interface Ethernet0/2
switchport access vlan 200
switchport mode access

SW_DMZ
hostname SW_DMZ
!
interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Ethernet0/1
switchport access vlan 201
switchport mode access

WAN

hostname WAN
!
interface Ethernet0/0
ip address 172.1.1.2 255.255.255.0

ip nat inside
!
interface Ethernet0/1
ip address 100.1.1.1 255.255.255.0
ip nat outside
!
ip nat inside source list NAT interface Ethernet0/1 overload
!
ip route 0.0.0.0 0.0.0.0 100.1.1.2
!
ip access-list standard NAT
permit any

INTERNET
hostname INTERNET
!
username pnetlab privilege 15 password 0 pnetlab
!
interface Loopback0
ip address 8.8.8.8 255.255.255.255
!
interface Ethernet0/0
ip address 100.1.1.2 255.255.255.0
!
ip http server
ip http authentication local

Web-Server
hostname Web-Server
!
username pnetlab privilege 15 password 0 pnetlab
!
interface Ethernet0/0
ip address 192.168.201.2 255.255.255.0
!
ip http server
ip http authentication local
ip route 0.0.0.0 0.0.0.0 192.168.201.1

3. Configure Policy on Fortigate

Policy & Object -> Firewall Policy -> Create New

- Permit Admin/Marketing to internet


Verify:

Open Admin Docker -> http://8.8.8.8, then log in with account: pnetlab/pnetlab


- Permit Admin to Web-Server 192.168.201.2

4. Verify

Open Admin Docker -> http://192.168.201.2 -> log in with account: pnetlab/pnetlab


Close browser -> open terminal -> ping 192.168.201.2

=> HTTP is allowed, but ping is not allowed
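
Added example (not part of the original workbook): a small Python model of how the four policies from section III are matched top-down, with the implicit deny at the end that explains why the last check passes HTTP but drops ping. The policy names, the zone labels and the HTTP-only service on the Admin to Web-Server policy are assumptions, since the screenshots with the actual policy settings are not on the page.

```python
import ipaddress
from typing import NamedTuple

# Web-Server subnet (192.168.201.2 with mask 255.255.255.0) from the lab configs.
DMZ_NET = ipaddress.ip_network("192.168.201.0/24")

class Policy(NamedTuple):
    name: str            # hypothetical policy name
    src: frozenset       # source groups, labelled as in the workbook
    dst_zone: str        # egress side, "WAN" or "DMZ" (hypothetical labels)
    services: frozenset  # {"ALL"} or an explicit service set
    action: str          # "accept" or "deny"

# Assumption: the Web-Server policy allows HTTP only, which is what the
# workbook's final check (HTTP works, ping fails) implies.
POLICIES = [
    Policy("Users-to-Internet", frozenset({"Admin", "Marketing"}), "WAN", frozenset({"ALL"}), "accept"),
    Policy("Admin-to-WebServer", frozenset({"Admin"}), "DMZ", frozenset({"HTTP"}), "accept"),
    Policy("Marketing-to-WebServer", frozenset({"Marketing"}), "DMZ", frozenset({"ALL"}), "deny"),
    Policy("WebServer-to-Internet", frozenset({"Web-Server"}), "WAN", frozenset({"ALL"}), "deny"),
]

def egress_zone(dst_ip):
    """Route lookup: connected DMZ subnet, otherwise the default route (WAN)."""
    return "DMZ" if ipaddress.ip_address(dst_ip) in DMZ_NET else "WAN"

def evaluate(src, dst_ip, service, policies=POLICIES):
    """Return (action, policy name) of the first policy that matches the flow."""
    zone = egress_zone(dst_ip)
    for p in policies:
        service_ok = "ALL" in p.services or service in p.services
        if src in p.src and zone == p.dst_zone and service_ok:
            return p.action, p.name
    return "deny", "implicit-deny"  # nothing matched: dropped by default

def verify_lab():
    """Evaluate the workbook's verification flows and the flows that must fail."""
    flows = [
        ("Admin", "8.8.8.8", "PING"), ("Marketing", "8.8.8.8", "PING"),
        ("Admin", "192.168.201.2", "HTTP"), ("Admin", "192.168.201.2", "PING"),
        ("Marketing", "192.168.201.2", "HTTP"), ("Web-Server", "8.8.8.8", "PING"),
    ]
    return {flow: evaluate(*flow) for flow in flows}

if __name__ == "__main__":
    for flow, result in verify_lab().items():
        print(flow, "->", result)
```

The Admin ping to 192.168.201.2 is not dropped by an explicit deny rule: no policy toward the DMZ carries that service for Admin, so the flow falls through to the implicit deny.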

================== END ==================
