Download PNETLab Platform
PNETLAB Store
PNETLab.com
I. Perquisite:
- Installing Docker Ubuntu Desktop 20.04, WSA (COEUS-9-1-2-010-S000V), CSR1000v-
universalk9.16.06.03 from device tab by click Get Device.
- RAM 16Gb, CPU 4 cores
- HDD adding 12Gb more
II. Topology
III. Question:
1
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
1. Your configuration should meet the following requirements:
- Traffic should be redirected to WSA at 192.168.1.2
- WCCP communication between R2 and WSA should be authenticated using password "cisco"
- Any traffic filtering applied should be network and host specific for the HTTP port 80
- Forwarding and Return Method for redirection should be GRE only.
2. Your configuration should meet the following requirements:
HTTP traffic at port 80 originated from 172.16.1.0/24 network directed to server1 and server2
should be allowed if FireFox as a browser is used but dropped if originated from the Chorme
Explorer, all the other traffic should be allowed.
Identification Profile 1:
Name: Monitor Profile
Check for source 172.16.1.0/24
Check for browser Type-Version: FireFox-Any
Identification Profile 2:
Name: Block Profile
Check for source 172.16.1.0/24
Check for browser Type-Version: Chrome-Any
No Device IP mgmt. account
1 WSA 192.168.1.2 admin/ironport
2 Ubuntu 172.16.1.2 admin/admin
3 Internet 8.8.8.8/1.1.1.1 pnetlab/pnetlab
2
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
IV. Solution:
1. Configure User docker
Menu -> All -> LXTermial
sudo ifconfig eth1 172.16.1.2/24
sudo route add default gw 172.16.1.1
2. WSA Configuration
- Step 1: download and add license WSA. Please flow this guideline:
https://www.cisco.com/c/en/us/support/docs/security/email-security-virtual-
appliance/118301-technote-esa-00.html
- Step 2: initial setup. Please flow this guide
Click to WSA login with default password: admin/ironport
wsa.cisco.com> interfaceconfig
Currently configured interfaces:
1. Management (192.168.1.2/24 on Management: mgmt.wsa.cisco.com)
Choose the operation you want to perform:
- NEW - Create a new interface.
- EDIT - Modify an interface.
- DELETE - Remove an interface.
- DETAILS - Show details of an interface.
[]> EDIT
Enter the number of the interface you wish to edit.
[]> 1
Would you like to configure an IPv4 address for this interface (y/n)?
[Y]>
IPv4 Address (Ex: 192.168.1.2 ):
[192.168.1.2]> 192.168.1.2
Netmask (Ex: "24", "255.255.255.0" or "0xffffff00"):
[24]> 24
Enter then commit
3. Setup System Wizard
Click MGMT PC and http://192.168.1.2
3
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
4
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
5
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
6
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
7
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
8
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
After installing, WSA will reboot. Let login again with http://192.168.1.2:8443
9
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
4. Setup transparent Redirection
10
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
11
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
12
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
5. Setup web proxy
13
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
14
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
6. Setup URL categories
15
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
7. Setup Identification Profiles
16
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
17
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
8. Setup Access Policies
18
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
19
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
20
�Download PNETLab Platform
PNETLAB Store
PNETLab.com
V. Verification
Login user docker, open chrome and firefox: http://8.8.8.8 and http://1.1.1.1
Firefox allowed to the server. Chrome get blocked
============= END =============
21
