Configure a Perimeter Firewall (credit to MindTap)

You work as the IT security administrator for a small corporate network, and you recently placed a web server in the screened subnet. Now you need to configure the perimeter firewall on the network security appliance (pfSense) to allow access from the WAN to the web server using both HTTP and HTTPS. You also want to allow all traffic from the LAN network to the screened subnet.

In this lab, your task is to:

  • Access the pfSense management console:
    • Username: admin
    • Password: P@ssw0rd (zero)
  • Create and configure a firewall rule to pass HTTP traffic from the WAN to the web server in the screened subnet.
  • Create and configure a firewall rule to pass HTTPS traffic from the WAN to the web server in the screened subnet.
    • Use the following table when creating the HTTP and HTTPS firewall rules:
      Parameter                  Setting
      Source                     WAN network
      Destination port/service   HTTP (80), HTTPS (443)
      Destination                A single host
      IP address for host        172.16.1.5
      Descriptions               For HTTP: HTTP from WAN to screened subnet
                                 For HTTPS: HTTPS from WAN to screened subnet
  • Create and configure a firewall rule to pass all traffic from the LAN network to the screened subnet. Use the following description: LAN to screened subnet Any


Complete this lab as follows:

  1. Sign in to the pfSense management console.
    1. In the Username field, enter admin for the username.
    2. In the Password field, enter P@ssw0rd (0 is a zero).
    3. Select SIGN IN or press Enter.
  2. Create and configure a firewall rule to pass HTTP traffic from the WAN to the web server in the screened subnet.
    1. From the pfSense menu bar, select Firewall > Rules.
    2. Under the Firewall breadcrumb, select DMZ.
    3. Select Add (either one).
    4. Make sure Action is set to Pass.
    5. Under Source, use the dropdown to select WAN net.
    6. Under Destination, use the Destination drop-down to select Single host or alias.
    7. In the Destination Address field, enter 172.16.1.5
    8. Using the Destination Port Range dropdown, select HTTP (80).
    9. Under Extra Options, in the Description field, enter HTTP from WAN to screened subnet
    10. Select Save.
    11. Select Apply Changes.
  3. Create and configure a firewall rule to pass HTTPS traffic from the WAN to the web server in the screened subnet.
    1. For the rule just created, select the copy icon (two files).
    2. Under Destination, change the Destination Port Range to HTTPS (443).
    3. Under Extra Options, change the Description field to HTTPS from WAN to screened subnet.
    4. Select Save.
    5. Select Apply Changes.
  4. Create and configure a firewall rule to pass all traffic from the LAN network to the screened subnet.
    1. Select Add (either one).
    2. Make sure Action is set to Pass.
    3. For Protocol, use the dropdown to select Any.
    4. Under Source, use the dropdown to select LAN net.
    5. Under Destination, use the dropdown to select DMZ net.
    6. Under Extra Options, change the Description to be LAN to screened subnet Any
    7. Select Save.
    8. Select Apply Changes.
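
Added example (not part of the original lab and not pfSense code): a small first-match model of the three rules above, run against constructed packets to check what the finished ruleset passes and what falls through to the default deny. The WAN, LAN and DMZ subnets and the TCP protocol on the web rules are assumptions; the page gives only 172.16.1.5. The model ignores which interface tab a rule is placed on.

```python
import ipaddress

# Constructed lab addressing (assumption): the page gives only 172.16.1.5.
NETS = {
    "WAN net": ipaddress.ip_network("198.51.100.0/24"),
    "LAN net": ipaddress.ip_network("192.168.0.0/24"),
    "DMZ net": ipaddress.ip_network("172.16.1.0/24"),
}
WEB_SERVER = ipaddress.ip_network("172.16.1.5/32")

# The lab's three pass rules: (source, destination, protocol, port, description).
# TCP is assumed for the web rules; the steps leave Protocol at its default.
RULES = [
    ("WAN net", WEB_SERVER, "tcp", 80, "HTTP from WAN to screened subnet"),
    ("WAN net", WEB_SERVER, "tcp", 443, "HTTPS from WAN to screened subnet"),
    ("LAN net", NETS["DMZ net"], "any", None, "LAN to screened subnet Any"),
]

def evaluate(src, dst, proto, port=None):
    """Return (action, description) for one packet.
    The first matching rule wins; a packet that matches no rule is
    blocked by the implicit default deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule_src, rule_dst, rule_proto, rule_port, descr in RULES:
        if src not in NETS[rule_src] or dst not in rule_dst:
            continue
        if rule_proto != "any" and rule_proto != proto:
            continue
        if rule_port is not None and rule_port != port:
            continue
        return ("pass", descr)
    return ("block", "default deny")

# Constructed test packets: (source, destination, protocol, destination port).
PACKETS = [
    ("198.51.100.20", "172.16.1.5", "tcp", 80),   # web rule, HTTP
    ("198.51.100.20", "172.16.1.5", "tcp", 22),   # no rule for SSH from WAN
    ("198.51.100.20", "172.16.1.6", "tcp", 80),   # other DMZ host, not the web server
    ("192.168.0.10", "172.16.1.9", "udp", 53),    # LAN to any DMZ host, any protocol
    # "WAN net" covers only the WAN interface's own subnet, not every outside address:
    ("203.0.113.7", "172.16.1.5", "tcp", 80),
]

if __name__ == "__main__":
    for packet in PACKETS:
        print(packet, "->", evaluate(*packet))
```
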
