|Site to Site Router + W2K3
|Page 1 of 1|
|Author:||GMarciales [ Wed Aug 21, 2013 3:32 am ]|
|Post subject:||Site to Site Router + W2K3|
The idea in our lab is show how we can work mixed devices and vendors to find a specific solution, like IPSec to ensure our communications.
Software to virtualize computers, in our case we work with Oracle VirtualBox with specific changes for our goals; below details about customization
Add two more loopback interfaces from Oracle VirtualBox
https://www.dropbox.com/s/fzi8bx0sw2063 ... edin01.jpg
https://www.dropbox.com/s/jhzoji2hpiwa9 ... edin02.jpg
https://www.dropbox.com/s/ddycj6cdmbvlj ... edin03.jpg
On this case, we need loopback interfaces only to Ethernet transport between VirtualBox and GNS3, for this reason, we can uncheck all items in each one loopback interface.
https://www.dropbox.com/s/niyi72wewk2ij ... edin04.jpg
Below the network topology:
https://www.dropbox.com/s/fpod68sojbzll ... edin05.jpg
Two computers running MS Windows NT 4.0 are part of the computers on the local networks, the other computer running MS Windows Server 2003 is the border of “network 01”.
GNS3 running two routers, one router is part of provider, another router is the border of one LAN.
The Running Config on this case is so basic, beginning from default configuration; we only did change for our goal.
Three computers start from default OS installation, below the main changes on the server:
IMPORTANT: since Windows 2000 Microsoft include a powerful service “Routing and Remote Access Service”, we can work with this service, but for our purpose is not necessary advanced routing, because our real goal is show how we can protect our communication.
For this reason, on the server we change direct in REGEDIT a property to allow the server with two NIC act like a basic router
https://www.dropbox.com/s/bn8bre29cimqq ... edin06.jpg
https://www.dropbox.com/s/tl75mvua9hift ... edin07.jpg
https://www.dropbox.com/s/6zmrnw0plf6j6 ... edin08.jpg
Next steps to build a gui to monitor/manage IPSec on MS Windows, below I leave a sample configuration file exactly for this lab, its possible import
https://www.dropbox.com/s/9s1zyqdqe7sqd ... edin09.jpg
https://www.dropbox.com/s/02pu7dlahraz5 ... din010.jpg
Crypto map file for MS Windows:
https://www.dropbox.com/s/owoil57skuhty ... Site.ipsec
communication sample screen between two networks without IPSec https://www.dropbox.com/s/pcr3h97bpggew ... din011.jpg
communication sample screen between two networks with IPSec https://www.dropbox.com/s/a7gihp3qeozfu ... din012.jpg
Routers config files:
|Page 1 of 1||All times are UTC|
|Powered by phpBB® Forum Software © phpBB Group