virtual ip network windows server 2012 windows 08 dual subnets
TRANSCRIPT
Virtual IP Network
Windows Server 2012Windows 08Dual Subnets
Virtual Network Setup• Virtual Box as network simulator• Setup pfSense as a firewall and router
192.168.254.254 Frontier Router
192.168.254.xxx Roeten PC Win7Running Virtual Box software -network simulator2 physical NIC’sSSD used as disk for speed
WAN 192.168.254.43 LAN 192.168.1.1/24Roeten PC Win7 Running pfSense software – acts as firewall and router.
Virtual LAN to Virtual Machines
Microsoft Server 2012 setup• Base server 2012, Win08 setup, • Server 2012, Win08 Clones• pfSense datafill networks, 1st NIC for internal network, 2nd Bridged to
external
Sub Network 1192.168.2.20 2012 Server
Sub Network 2192.168.1.10 Clone Server
192.168.1.15 Clone Win08 PC
192.168.1.11 Clone Server
192.168.1.16 Clone Win08 PC
192.168.1.25 Win08 PC
192.168.1.21 Clone Server
192.168.1.26 Clone Win08 PC
Highlights pfSense Setup• Setup adapter 1 as Network Adapter. This will be our WAN port in
pfSense.• Setup adapter 2 as Network Adapter. This will be our LAN port in
pfSense.• LAN IPv4 – Allow LAN access to any rule.• NAT Firewall Rule – Important rule is to configure NAT rule to allow
pfSense to port forward ports to VM’s 3389 MSRDP port. That is allow outbound traffic to pass from Network A to any network.
Highlights of Virtual Setup• Install Windows 2012 with .ISO. Then install Windows Active Directory
(AD) and shut down. Considered Base.• Install Windows 08 with .ISO and shut down. Considered Base.• Shutting down the base machines allow a stable base for VM’s.• Each VM can now run their base machine .ISO and will only need to save
the changes they make by saving snapshots to .vdi• Create several Windows 2012 linked clones due to future Active Directory
needs.• Create a few Windows 08 linked clones for future use.
Highlights Active Directory Setup• Previously installed AD on the base machine and automatic upgrade to a
Domain Controller (DC)• Create a domain Contoso.com
– Its FQDN is Base2012.Contoso.com
• The AD is integrated• Add Active Directory Domain Services (ADDS) server
– From database authenticates users at login, resource changes, etc.
• Add Active Directory Certificate Services (ADCS) server• Add Domain Name System (DNS) server
– Computer name resolution to an IP address, etc.
• Add Dynamic Host Connection Protocol (DHCP) server – Automatically leases IP addresses to clients, instead of manual setup.
Virtual IP Network With AD• Select view of network
Sub Network 1192.168.1.10 Base2012 ServerDNS 192.168.1.10 (self)GW 192.168.1.10 (LAN)Domain Contoso.comAD, ADDS, ADCSDNSDHCP
Sub Network 2Clone of Base2012 server192.168.2.10 Base2012Clone3DNS 198.1.10 (subnet 1 AD)DHCP noGW 192.168.1.1 = LAN
192.168.2.15 BaseWin08Clone2
192.168.2.11 Base2012Clone4
192.168.2.16 BaseWin08Clone3
192.168.1.15 BaseWin08 PCDNS 192.168.1.10 = Base2012DHCP noGW 192.168.1.1 = LAN
192.168.1.11 Base2012Clone2
192.168.1.16 BaseWin08Clone1
Verify Sub-Networks Interact• Verify Network 1 can communicate with Network 2 and external network.
Visa versa Network 2.• From network 1 open command prompt window verify ping response from network 2,
pfSense IP, Google.com• From network 1 open command prompt window verify ping response from network 2
pfSense IP, Google.com
• Verify can ping DHCP and DNS from random servers and PC’s.• Verify can login into pfSense
continued
• LDAP configuration allows Windows Server 2012 pfSense to communicate. Which allows AD to verify information.
Additional AD Setup• Create a Group Policy Object (GPO)
• Link to domain GPO• Add users and computers with read privileges• Add domain users and domain computers with read
privileges
• Add Domain and Enterprise Admin’s with edit privileges
• Create a OU (Organization Unit) and attach to GPO
Project Goals As MCSE certified engineer apply knowledge and create a Network with
sub-networks Learn new software - pfSense, Virtual Box Learn hardware (virtual) configuration Configure from ground up an AD