Scribd
Upload
174 views3 pages

VPN and Firewall Exercises Overview

This document contains exercises on virtual private networks (VPNs) and firewalls. It includes tasks to describe VPN terminology, configure site-to-site VPNs between networks using IPSec and OpenVPN, and set up a remote access VPN with OpenVPN. Students are instructed to complete the exercises using Linux, openssl, Wireshark, and java programs to observe network traffic with and without the VPNs configured.

Uploaded by

Sun Java
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
174 views3 pages

VPN and Firewall Exercises Overview

This document contains exercises on virtual private networks (VPNs) and firewalls. It includes tasks to describe VPN terminology, configure site-to-site VPNs between networks using IPSec and OpenVPN, and set up a remote access VPN with OpenVPN. Students are instructed to complete the exercises using Linux, openssl, Wireshark, and java programs to observe network traffic with and without the VPNs configured.

Uploaded by

Sun Java
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Fachbereich 2 IT-Security

Prof. Dr. Martin Kappes (I/II)

Exercise Chapter Virtual Private Networks

Exercise 1:

Describe the following terms briefly in 3-4 sentences.

1. Virtual Private Network

2. RAS

3. Site-to-Site VPN

Exercise 2:

Explain and describe how IPSec works in detail. In your explanation, the terms AH, ESP,
Tunnel Mode and Transport mode should be addressed. Also, describe what the Sequence
Number in AH and ESP is used for.

Exercise 3:

Explain and describe how OpenVPN works in detail. In your explanation, the terms tun-
device and tap-device should be addressed.

1
Practical Exercise Chapter Firewalls

Exercise 1:

Use openssl under Linux to set up a certificate authority. Create keys and certificates for
all machines in the reference network. Moreover, create a Diffie-Hellman parameter file.

Exercise 2:

Configure the reference network as in the initial lab excercise.

10.2.4.37

172.16.2.5 10.2.4.1
172.16.2.0/24 10.2.4.0/24
(ffentliches Verbindungsnetz) (Institutionsnetz)

172.16.2.4

Router

192.168.1.5

192.168.1.0/24
(Institutionsnetz)

192.168.1.100

All machines in the network must run Linux.

2
Exercise 3:

Create a site-to-site VPN between 10.2.4.0/24 and 192.168.1.0/24 with IPsec (ESP, tunnel
mode). Using the java-program from the initial lab exercise, observe the traffic in the public
network using Wireshark with and without the VPN. Explain what IP-addresses, protocols
and ports show up and why.

Exercise 4:

Create a site-to-site VPN between 10.2.4.0/24 and 192.168.1.0/24 with OpenVPN (tun de-
vice). Using the java-program from the initial lab exercise, observe the traffic in the public
network using Wireshark with and without the VPN. Explain what IP-addresses, proto-
cols and ports show up and why. Which changes are required in the routing tables of the
machines and what happens if you do not make these changes?

Exercise 5:

Compare IPsec and OpenVPN with and explain differences and commonalities in what you
observed.

Exercise 6:

Now, create a Remote Access VPN with OpenVPN (tap device) for the 10.2.4.0/24-network:
Run the OpenVPN server on the router of the network. Before, create a tap-device and
brige it with the Ethernet interface into 10.2.4.1/24-network. Set up the OpenVPN client on
192.168.1.100. Using the java-program from the initial lab exercise, observe the traffic in all
networks using Wireshark with and without the VPN. Explain what IP-addresses, protocols
and ports show up and why.

You might also like