Capstone Project
Capstone Project
Well, this is it. The final lab. This will test everything you have learned so far and maybe some more. I will list the requirements and come up with a scenario below. I will not be providing IP addresses or zone information. If you can meet the requirements below, you can consider yourself pretty good at Palo Alto. Good luck!
Scenario: ODI (Openly Deceptive Insurance) is a company looking for a consultant to do all their networking. They have 2 office locations, one in Vancouver, and the other one in England. In the Vancouver site, they want 2 VLANs, VLAN 10 and VLAN 20. VLAN 20 will serve as a login only network, whereas VLAN 10 is for all the employees. Vancouver also hosts their internal webserver where they keep internal records of very important things like their next scam, and list of really good Netflix shows. They also have a site-to-site setup with their England site to access their other resources. But that site-to-site is mainly so that the Vancouver employees have access to British Netflix. The England site is responsible for hosting the public webserver in the DMZ, as well as being the main source of remote access employees so they can access the internal webserver by connecting to the England site online.
Requirements
“Vancouver Site”:
- VLAN Configuration
- Captive Portal on VLAN 20
- DHCP Server to provide addressing for VLAN 10 and VLAN 20
- Access Internet through Site to Site VPN
- Site to Site VPN
“England Site”:
- Secure DMZ for DMZ webserver
- DoS protection for “public” facing interface
- Site to Site VPN
- Remote Access VPN
- Internet Access
Video Guide
This video will go over how I set it up and maybe some other additional tips and tricks. Download Captions