Table of Contents
It is recommended that you work in pairs for this lab to make it easier to do testing and troubleshooting. Before doing this lab, you should have completed the Subnetting tutorial for IPv4, as we shall be using the same network design, as shown in Figure 26, “Network Map for this Laboratory”.
You will find it very useful to have read parts of
the Vyatta documentation on Firewalling, which should be
available in the
In this lab, you will make use of the Vyatta firewall to implement several policies suitable for a small network with a few public services. In this network, you will have an external network, an internal LAN and a De-Militarised Zone (DMZ), where your public services are being housed. As already mentioned, this is identical to the network we addressed in the Subnetting tutorial.
Define the physical topology of your network; you should have learned the skills for this in the previous lab, but here are some reminders.
All interfaces will be Internal Network adaptors, not NAT or anything else. Remember that F1 will have three interfaces, so call each switch “LAN”, “DMZ” and “fake_internet” appropriately.
Remember to use the init-floppy command inside Vyatta in order to save. If you don’t do this, your changes will only be saved in the filesystem, which is volatile in the LiveCD environment; therefore you will lose your work if you don’t prepare the floppy!