Lab
A Cloud Guru

Firewall Troubleshooting

In this learning activity, there is a fairly simple, but broken, firewall configuration. The firewall on `Server1` (10.0.1.10) should be configured to permit web requests from `Client1` (10.0.1.11). You will need to determine why the firewall isn't working as intended, and resolve the issue.

Try for free Contact sales

Path Info

Level

Intermediate

Duration

30m

Published

Nov 14, 2018

Challenge

Verify That the Issue Exists

Prior to beginning the troubleshooting, you should verify that the issue actually exists.

Attempt to curl the headers for 10.0.1.10 from 10.0.1.11:

$ curl -I 10.0.1.10

Challenge

Resolve the Problem by Creating a New Zone

You can resolve this issue by creating a new zone, adding the http service to it, and designating 10.0.1.11 as a source for the zone. Use these commands:

[root@$host ~]# firewall-cmd --permanent --new-zone=api
[root@$host ~]# firewall-cmd --reload
[root@$host ~]# firewall-cmd --permanent --zone=api --add-service=http
[root@$host ~]# firewall-cmd --permanent --zone=api --add-source=10.0.1.11
[root@$host ~]# firewall-cmd --reload

Challenge

Verify That the Problem Is Resolved

From Client1 (10.0.1.11), run:

curl -I 10.0.1.10

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.