Skip to content

E09 Configuring Firewalls

Back to the Course Schedule

Back to the Material: Network Segmentation and Firewalls

Video: Instructions for E09



This exercise follows E08, thus uses its working configuration.

Preparing the topology

  1. Add an adapter to R3 named Internal Network/public
  2. Choose a public IPv4 address space (e.g. from E03 Calculating Subnets - Internet Registries) and use it to address the adapter
  3. Make a DHCP server on R3 to distribute addresses to that public IPv4 subnet
  4. Add it to your dynamic routing

Configuring Firewalls


Follow the principles set in the material M08 Network Segmentation and Firewalls, Configuring Vyos

  1. Create 3 zones for R3: LAN, WAN, vyos
  2. Configure firewall settings to R3
  3. Test, verify and document the results on the firewall settings
    • Add screenshots and topology pictures
    • Add log rows of accepted and/or denied traffic


You can move (or clone) one lubuntu workstation to the public subnet and test ping, traceroute & HTTP from behind R1 to it.

Back to the Schedule?

Back to the Course Schedule


This course and its materials are written by Karo Saharinen and licenced by Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license.

Creative Commons -licence