title: networking IV
group: networking
The purpose of this project is get familiar with how a firewall operates in a small network. This network will have both internal and external components. The network will need have to be accessible from the external components, along with have the internal components be capable of communicating with external components.
Having proven yourself within the Ithavol Company, you have now been promoted to a Network Administrator. Their current task for you now is to set up the networking infrastructure and various services in a remote office location. This office should be capable of communicating with the internet, along with having remote access to the office. There will be a local network that you need to set up and route to the internet. With all traffic leaving and entering the network coming through a firewall.
Create the networking infrastructure for the building. You will need the following.
Configure the network to have multiple LANs that are routed to the internet.
Configure you switch to have multiple LANs and place your end devices on different LANs
Configure your networking devices to forward external traffic out
Configure your networking devices to forward local traffic back in
Configure the firewall to allow traffic both in and out of the network.
Set up routes on the firewall to determine traffic both in and out
Set up firewall policies to allow traffic both in and out
Verify connectivity from your LANs to the internet. At this point your machines should be able to ping 8.8.8.8, but not the other way around.
From here configure your windows server for active directory and promote it to a domain controller.
Create multiple users and place them in a remote OU
Install a network policy access server and configure it to accept connections from your firewall
Configure the network policy access server to allow the users in the OU you created to login
Configure VPN on your firewall
Configure Authentication for the VPN to use your windows server as a backend
Configure a user group to use your authentication server
Configure the Ubuntu server to host a service, this service should only be internal to your network
Afterward test your VPN, and see if you can view your internal resources.