The idea in our lab is show how we can work mixed devices and vendors to find a specific solution, like IPSec to ensure our communications.
Requirements:
Software to virtualize computers, in our case we work with Oracle VirtualBox with specific changes for our goals; below details about customization
Add two more loopback interfaces from Oracle VirtualBox
https://www.dropbox.com/s/fzi8bx0sw2063 ... edin01.jpghttps://www.dropbox.com/s/jhzoji2hpiwa9 ... edin02.jpghttps://www.dropbox.com/s/ddycj6cdmbvlj ... edin03.jpgOn this case, we need loopback interfaces only to Ethernet transport between VirtualBox and GNS3, for this reason, we can uncheck all items in each one loopback interface.
https://www.dropbox.com/s/niyi72wewk2ij ... edin04.jpgBelow the network topology:
https://www.dropbox.com/s/fpod68sojbzll ... edin05.jpgTwo computers running MS Windows NT 4.0 are part of the computers on the local networks, the other computer running MS Windows Server 2003 is the border of “network 01”.
GNS3 running two routers, one router is part of provider, another router is the border of one LAN.
The Running Config on this case is so basic, beginning from default configuration; we only did change for our goal.
Three computers start from default OS installation, below the main changes on the server:
IMPORTANT: since Windows 2000 Microsoft include a powerful service “Routing and Remote Access Service”, we can work with this service, but for our purpose is not necessary advanced routing, because our real goal is show how we can protect our communication.
For this reason, on the server we change direct in REGEDIT a property to allow the server with two NIC act like a basic router
https://www.dropbox.com/s/bn8bre29cimqq ... edin06.jpghttps://www.dropbox.com/s/tl75mvua9hift ... edin07.jpghttps://www.dropbox.com/s/6zmrnw0plf6j6 ... edin08.jpgNext steps to build a gui to monitor/manage IPSec on MS Windows, below I leave a sample configuration file exactly for this lab, its possible import
https://www.dropbox.com/s/9s1zyqdqe7sqd ... edin09.jpghttps://www.dropbox.com/s/02pu7dlahraz5 ... din010.jpgCrypto map file for MS Windows:
https://www.dropbox.com/s/owoil57skuhty ... Site.ipseccommunication sample screen between two networks without IPSec
https://www.dropbox.com/s/pcr3h97bpggew ... din011.jpgcommunication sample screen between two networks with IPSec
https://www.dropbox.com/s/a7gihp3qeozfu ... din012.jpgRouters config files:
https://www.dropbox.com/s/77quy4fu2wns9g5/R1.cfghttps://www.dropbox.com/s/hdjc5i0sja7bili/R2.cfg
Login
FAQ
Search
