Network Security Wiki

F5 Lab: Difference between revisions

Page Discussion

F5 Lab (view source)

Revision as of 21:56, 11 October 2023

674 bytes added ,  8 months ago
→‎Topology
No edit summary
Line 16:
 
 
== KVM Installation ==
vim virbr0.xml
 
 
== Network Configuration ==
 
* Configure br0 for Management access:
vim virbr0.xml
 
<syntaxhighlight lang="bash">
<network>
<name>virbr0</name>
Line 33 ⟶ 39:
</ip>
</network>
</syntaxhighlight>
 
Apply the config:
sudo virsh net-define virbr0.xml
sudo virsh net-liststart --allvirbr0
sudo virsh net-listautostart --allvirbr0
 
Verify:
sudo virsh net-define virbr0.xml
sudo virsh net-startlist virbr0--all
sudo ip virshaddr net-autostartshow dev virbr0
sudo virsh net-list --all
ip addr show dev virbr0
 
 
* Configure br1 for Backend Server access:
vim virbr1.xml
 
<syntaxhighlight lang="bash">
<network>
<name>virbr1</name>
Line 58 ⟶ 69:
</ip>
</network>
</syntaxhighlight>
 
Apply the config:
sudo virsh net-define virbr1.xml
sudo virsh net-liststart --allvirbr1
sudo virsh net-defineautostart virbr2.xmlvirbr1
 
Verify:
sudo virsh net-define virbr1.xml
sudo virsh net-startlist virbr1--all
sudo ip virshaddr net-autostartshow dev virbr1
sudo virsh net-list --all
ip addr show dev virbr1
 
 
* Configure br2 for Client access:
vim virbr2.xml
 
<syntaxhighlight lang="bash">
<network>
<name>virbr2</name>
Line 83 ⟶ 99:
</ip>
</network>
</syntaxhighlight>
 
Apply the config:
sudo virsh net-define virbr2.xml
sudo virsh net-start virbr2
sudo virsh net-autostart virbr2
 
Verify:
sudo virsh net-define virbr2.xml
sudo virsh net-startlist virbr2--all
sudo ip virshaddr net-autostartshow dev virbr2
sudo virsh net-list --all
ip addr show dev virbr2
 
 
== Install F5 VM: ==
 
<syntaxhighlight lang="bash">
sudo virt-install \
--name=bigip \
Line 106 ⟶ 127:
--os-type=linux --os-variant=rhel6 \
--import --autostart --noautoconsole
</syntaxhighlight>
 
* Perform Natting in IPTables for Management Access:
sudo iptables -t nat -I PREROUTING -p tcp -d 10.157.137.138 --dport 8443 -j DNAT --to-destination 192.168.122.185:443
sudo iptables -I FORWARD -m state -d 192.168.122.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT
 
== Install Backend Server VM ==
sudo iptables -t nat -I PREROUTING -p tcp -d 10.157.137.138 --dport 8443 -j DNAT --to-destination 192.168.122.185:443
<syntaxhighlight lang="bash">
sudo iptables -I FORWARD -m state -d 192.168.122.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT
 
 
sudo virt-install \
--name=server \
Line 123 ⟶ 146:
--os-variant=rhel6 \
--import --autostart --noautoconsole
</syntaxhighlight>
 
== Install Client VM ==
 
<syntaxhighlight lang="bash">
 
 
sudo virt-install \
--name=client \
Line 138 ⟶ 162:
--os-variant=rhel6 \
--import --autostart --noautoconsole
</syntaxhighlight>
 
 
<br />
Retrieved from "https://aman.awiki.org/wiki/Special:MobileDiff/4780"