In this learning activity, there is a fairly simple, but broken, firewall configuration. The firewall on `Server1` (10.0.1.10) should be configured to permit web requests from `Client1` (10.0.1.11).
You will need to determine why the firewall isn’t working as intended, and resolve the issue.
Successfully complete this lab by achieving the following learning objectives:
- Verify That the Issue Exists
Prior to beginning the troubleshooting, you should verify that the issue actually exists.
curlthe headers for 10.0.1.10 from 10.0.1.11:
$ curl -I 10.0.1.10
- Resolve the Problem by Creating a New Zone
You can resolve this issue by creating a new zone, adding the http service to it, and designating 10.0.1.11 as a source for the zone. Use these commands:
[root@$host ~]# firewall-cmd --permanent --new-zone=api [root@$host ~]# firewall-cmd --reload [root@$host ~]# firewall-cmd --permanent --zone=api --add-service=http [root@$host ~]# firewall-cmd --permanent --zone=api --add-source=10.0.1.11 [root@$host ~]# firewall-cmd --reload
- Verify That the Problem Is Resolved
curl -I 10.0.1.10