Embed Size (px)
Citation preview
NETWORK ADMINISTRATION Firewall/Proxy Server:
2013-2015
PASSERELLES NUMERIQEUS CAMBODIA
Street 371 Phum Tropeang Chhuk (Borey Sorla), Sangkat Tek Thia Khan Sek Sok P.O. Box 511 Phnom Penh, Cambodia
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 1
Contents
Note: All clients’ access have to across firewall.
Working time: 7:30-11:30 and 1:00-5:00 from Monday to Friday.
1. Server
A. Proxy/Firewall Server Can access internet
B. LAN Server can ping to Proxy/Firewall Server
C. LAN Server can remote to Proxy/Firewall Server
D. LAN Server can access to Internet without using Proxy Server
E. Local DNS Server requests DNS from ISP
2. Client
F. Get IP address automatically from DHCP Server
G. LAN-client requests DNS from Local DNS Server
H. IP address from 10.20.xxx.1 can access internet without using proxy.
I. LAN-client IP from 10.20.xxx.2 - 10.20.xxx.253/24 have to use proxy for accessing
Internet by blocking:
a. Block website
b. Block download extension (.mp3, .mp4, .exe)
c. All Client can access any website beside of working time.
d. Allow LAN client access to website by authentication use from Domain controller.
e. Make sure clients cannot access websites that not good on squidguard and shallalist
file.
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 2
LAB Instruction
Note: Make sure all the AD+DNS+DHCP is enables to access and using them.
LAN Server
o Network Address: 192.168.200.0/25
o AD+DNS+DHCP: 192.168.200.1
o Gateway: 192.168.200.126
o Pool/Scope range: 192.168.200.2-192.168.200.253
LAN Client
o Network Address: 10.20.135.0/24
o Gateway: 10.20.135.254
o Pool/Scope range: 10.20.135.1-10.20.135.253
Firewall/Proxy Server (SuSE 11)
o Added 3 network card
NIC for LAN Server: 192.168.200.126/25
NIC For LAN Client: 10.20.135.254/24
NIC for Internet: 172.16.1.135/23
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 3
Allow Client Request DHCP with IP address and domain
IP reservation for client 10.20.135.1
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 4
WINDOWS
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 5
LAN Server
A. Allow Proxy/Firewall Server can access Internet
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 6
B. LAN Server Can ping to proxy/Firewall server
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 7
C. LAN server can remote to proxy/Firewall server
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 8
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 9
D. LAN server can access to Internet without using proxy server
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 10
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 11
E. Local DNS server request DNS from ISP
Allow server request DNS from ISP
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 12
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 13
LAN Client
F. Get IP address automatically from DHCP Server
PC1 Request Reservation DHCP
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 14
=
PC2 Request DHCP
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 15
G. LAN_Client Request DNS from local DNS Server
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 16
PC1 10.20.135.1 Request DNS from Local Server
PC2
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 17
H. IP Address from 10.20.135.1 can access internet without using
proxy
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 18
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 19
I. LAN-Client IP from 10.20.135.2-10.20.135.253/24 have to use
proxy for accessing Internet by blocking:
PC2 access to internet
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 20
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 21
Block website: www.facebook.com, www.youtube.com
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 22
Block extensions: MP3
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 23
Block extensions: MP4
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 24
Block extensions: exe
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 25
Beside working time client 10.20.135.2-10.20.135.253 can access
to the website and download also.
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 26
PC1 access to internet without using proxy server
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 27
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 28
Allow LAN client access to website by authentication use from
Domain controller.
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 29
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 30
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 31
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 32
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 33
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 34
Proxy Server allow and Deny
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 35
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 36
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 37
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 38
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 39
Configure squidGurad
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 40
Then now we can download squidGuard from internet and install. In this, I have squidguard-1-
3.99-1.49.i586.rpm, so I install it with command rpm.
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 41
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 42
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 43
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 44
PASSERELLESNUMERIQUES CAMBODIA NETWORK ADMINISTRATION
TOLA.LENG-PC 45
The End!
![[Peerates.net] - eBook - LINUX - SUSE - Firewall VPN Manual](https://img.dokumen.tips/doc/110x75/577cd89f1a28ab9e78a1a1f2/peeratesnet-ebook-linux-suse-firewall-vpn-manual.jpg)
