Documentos de Académico
Documentos de Profesional
Documentos de Cultura
ASC2016_TP39_EN
1 of 11
Contents
ISLAND A ................................................................................................................................................................. 3
CONTENTS .............................................................................................................................................................................. 3
INTRODUCTION........................................................................................................................................................................ 3
DESCRIPTION OF PROJECT AND TASKS........................................................................................................................................... 3
PART 1 ..................................................................................................................................................................... 4
PART 2 ..................................................................................................................................................................... 7
APPENDIX ....................................................................................................................................................................8
SPECIFICATIONS .................................................................................................................................................................. 8
lnxsrv1 ............................................................................................................................................................................. 8
Lnxsrv2 ............................................................................................................................................................................ 8
Lnxrtr1......................................................................................................................................................................... 8
Lnxclt1 ............................................................................................................................................................................. 8
Lnxclt2 ............................................................................................................................................................................. 8
LOGICAL TOPOLOGY DIAGRAM ................................................................................................................................................... 9
NETWORK SPECIFICATIONS ...................................................................................................................................................... 10
INSTRUCTIONS ...........................................................................................................................................................11
INSTRUCTIONS TO THE COMPETITOR.......................................................................................................................................... 11
EQUIPMENT, MACHINERY, INSTALLATIONS AND MATERIALS REQUIRED ............................................................................................. 11
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
2 of 11
Island A
Contents
This Test Project proposal consists of the following document/file:
1. ASC2016_TP39 _pre_EN_Module-A.docx
Introduction
The competition has a fixed start and finish time. You must decide how to best divide your time.
Please carefully read the following instructions!
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
3 of 11
Part 1
Work Task Installation (lnxrtr1, lnxsrv1, lnxsrv2)
Note: Please use the default configuration if you are not given the details.
The base Linux Debian OS has been set up on lnxrtr1, lnxsrv1 and lnxsrv2.
Work Task Server lnxrtr1
Configure the server with the hostname, domain and IP specified in the appendix
o Install the services:
Routing
Enable routing
Firewall (iptables)
Prohibit access from External to DMZ except HTTPS, DNS, FTPS, SMTPS,
IMAPS to lnxsrv1
Prohibit access from External to Internal VLAN
Prohibit access from DMZ to Internal VLAN except RADIUS
Prohibit access ping from the DMZ to internal
Configure source NAT for internet access
Static NAT mappings
o 192.168.10.150 <=> 32.54.87.114
DHCP
o Scope for Internal VLAN:
Range: 172.17.20.100 172.17.20.150
Netmask: /24
Gateway: 172.17.20.1
DNS: 192.168.10.10
o DNS-Suffix: apps4you.com
o Lnxclnt2 should always receive the following IP: 172.17.20.95
o The clients should automatically register their name with the DNS
servers after they have been assigned with an IP address by the
DHCP server.
VPN (OpenVPN)
Configure VPN access to Internal VLAN. External clients should connect to
32.54.87.115
Make sure that VPN clients can only access server lnxsrv2
Use address range 10.2.1.1 to 10.2.1.62 for VPN clients
For login create a user vpn with password Skills39
Use a certificate signed by lnxsrv2
Proxy (Squid)
Configure a reverse SSL proxy for www.apps4you.com website, which is
hosted by lnxsrv1
For www. apps4you.com, HTTP access should be redirected to HTTPS
automatically
o Use a certificate signed by lnxsrv2
Make sure no certificate warning is shown
o Use Client-Certificate authentication for www.apps4you.com
Allow only client certificates, which are signed by lnxsrv2
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
4 of 11
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
5 of 11
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
6 of 11
PART 2
Work Task Installation (lnxclnt1, lnxclnt2)
Note: Please use the default configuration if you are not given the details.
Install a GUI (graphical user interface) of your choice
Work Task lnxclnt1
Note: Please use the default configuration if you are not given the details.
Configure the client with the hostname, domain and IP specified in the appendix
Make sure the client can connect to lnxsrv2 (via lnxrtr1) through VPN
Make sure the root CA certificate of lnxsrv2 is trusted
Make sure the client certificate is installed
Install FileZilla FTP client
Install Icedove mail client
o Configure mailbox of user20
o Install Enigmail
o Create Private/Public keys for encryption with gnupg (RSA 1024)
o Make sure user20 can send encrypted mails to user30
Make sure the client can access samba shares.
Work Task lnxclnt2
Note: Please use the default configuration if you are not given the details.
Configure the client with the hostname, domain and IP specified in the appendix
Make sure the root CA certificate of lnxsrv2 is trusted
Make sure the client certificate is installed
Install Icedove mail client
o Configure mailbox of user30
o Install Enigmail
o Create Private/Public keys for encryption with gnupg (RSA 1024)
o Make sure user30 can send encrypted mails to user20
Make sure the client can access the internal share.
Install Cadaver (WebDAV client)
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
7 of 11
APPENDIX
SPECIFICATIONS
lnxsrv1
IP
Hostname
User name
Admin Password
192.168.10.150/25 (VLAN10)
lnxsrv1
root
Skills39
lnxsrv2
IP
Hostname
User name
Admin Password
172.17.20.50/24 (VLAN20)
lnxsrv2
root
Skills39
lnxrtr1
Internal IP
External IP
DMZ IP
VPN network
Hostname
User name
Admin Password
172.17.20.1/24 (VLAN20)
32.54.87.115/29 (VLAN99)
192.168.10.129/25 (VLAN10)
10.2.1.0/26
lnxrtr1
root
Skills39
lnxclnt1
IP
Hostname
User name
Admin Password
32.54.87.116/29 (VLAN99)
lnxclnt1
sysop
Skills39
lnxclnt2
Internal IP
Hostname
User name
Admin Password
ASC2016_TP39_EN
DHCP client
lnxclnt2
sysop
Skills39
Version: 1.0
Date: 16.05.2015
8 of 11
ASC2016_TP39_EN
Version: 1.0
Date: 16.05.2015
9 of 11
Network Specifications
ASC2016_TP39_MODULE-A_EN
Version: 1.0
Date: 16.05.2015
10 of 11
Instructions
Instructions to the Competitor
ASC2016_TP39_MODULE-A_EN
Version: 1.0
Date: 16.05.2015
11 of 11