MODUL A
LINUX ISLAND
IT NETWORK SYSTEMS
ADMINISTRATION
LKS2017_ITNSA_MODUL_A
2
INTRODUCTION
The competition has a fixed start and finish time. You must decide how to best divide your
time.
Please carefully read the following instructions!
When the competition time ends, please leave your station in a running state.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
3
PART I
WORK TASK INSTALLATION (LNXSRV-A, MATARAMSRV)
Note Please use the default confguration if you are not given details.
2. CA (openssl)
Confgure as CA
CA attributes should be set as follows
- Country code is set to ID
- Organizaton is set to LKSN2018
Create a root CA certfcate
Store the certificate in directory /cert
4. Mail
Make sure user11 to user20 have access via POP3, IMAP and SMTP
Before you fnish your project make sure you send an email message from user14 to
user19 and another message from user19 to user14.
Do not delete these email messages.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
4
6. SSH Server
Install SSH Server
Use RADIUS LNXSRV-A to authentcaton users.
Change SSH port default to 1945
3. RADIUS (FreeRadius)
Create 5 users with password “InaSkills2018” for SSH login LNXSRV-A
o Username: user[31-35]. ex: user31, user32, …, user35
Use “InaSkills2018” as share key
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
5
4. DHCP
o Create DHCP Pool INTERNAL:
Range: 10.30.30.51 – 10.30.30.100
Netmask: /24
Gateway: 10.30.30.1
DNS: 10.10.10.100
o DNS-Sufix: skills4future.net
o LNX CLT-IN should always receive the following IP: 10.30.30.88
o The clients should automatically register their name with the DNS server afer they
have been assigned with an IP address by the DHCP server.
2. FTP (profpd)
Enable FTPS
- Use a certificate signed by LNXSRV-A
Each user (user21 to user30) will have a home directory.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
6
Make sure the user is jailed in their respective website document root directories.
Make sure fle transfer to the server is possible.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
7
PART II
WORK TASK NETWORK CONFIGURATION (LNXRTR)
Note Please use the default confguration if you are not given details.
2. DHCP Relay
Confgure DHCP Relay to LNXSRV-B for internal client
4. VPN Server
Confgure VPN for access to LNXSRV-A and LNXSRV-B. External clients should
connect to 100.100.50.1
Use address range 100.100.50.1 to 100.100.50.10 and DNS LNXSRV-A for VPN clients
For login create a user “remote” with password “InaSkills2018”
5. Firewall
External network allows the ICMP packet to interface external LNXRTR
External network can access to http://www.skills4future.net
External network can’t access to LNXSRV-A and LNXSRV-B before the vpn
established.
Ensure the vpn client can’t access to internal client (LNX CLT-IN) when the vpn
established. (Can only access to LNXSRV-A and LNXSRV-B)
Deny all other trafic from external to all internal network.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
8
PART III
WORK TASK LINUX CLIENT (LNX CLT-EX, LNX CLT-IN)
Note Please use the default confguration if you are not given details.
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
9
APPENDIX
SPECIFICATIONS
LNXSRV-A
Operatng System Linux Debian 8
Computer name: LNXSRV-A
Root password Nasional2018
User Name: sukses
User Password: Mataram2018
eth0: 10.10.10.100/24
LNXSRV-B
Operatng System Linux Debian 8
Computer name: LNXSRV-A
Root password Nasional2018
User Name: sukses
User Password: Mataram2018
IP address: 10.20.20.100/24
LNXSRV-C
Operatng System Linux Debian 8
Computer name: LNXSRV-C
Root password Nasional2018
User Name: Sukses
User Password: Mataram2018
IP address: 10.20.20.200/24
LNXRTR
Operatng System Linux Debian 8
Computer name: LNXRTR
Root password Nasional2018
User Name: Sukses
User Password: Mataram2018
eth0: 10.10.10.1/24
eth1: 100.100.50.1/24
eth2: 10.20.20.1/24
eth3: 10.30.30.1/24
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
1
0
LNX CLT-EX
Operatng System Linux Debian 8 (GUI)
Computer name: LNX CLT-EX
Root password Nasional2018
User Name: sukses
User Password: Mataram2018
IP address: 100.100.50.10/24
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017
1
1
LNX CLT-IN
Operatng System Linux Debian 8 (GUI)
Computer name: LNX CLT-IN
Root password Nasional2018
User Name: sukses
User Password: Mataram2018
IP address: DHCP
Version: 1.0
LKSN2017_ITNSA
Date: 06.05.2017