Firewall Troubleshooting

In this learning activity, there is a fairly simple, but broken, firewall configuration. The firewall on `Server1` (10.0.1.10) should be configured to permit web requests from `Client1` (10.0.1.11).

You will need to determine why the firewall isn’t working as intended, and resolve the issue.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Verify That the Issue Exists

Prior to beginning the troubleshooting, you should verify that the issue actually exists.

Attempt to curl the headers for 10.0.1.10 from 10.0.1.11:

$ curl -I 10.0.1.10

Resolve the Problem by Creating a New Zone

You can resolve this issue by creating a new zone, adding the http service to it, and designating 10.0.1.11 as a source for the zone. Use these commands:

 [root@$host ~]# firewall-cmd --permanent --new-zone=api
 [root@$host ~]# firewall-cmd --reload
 [root@$host ~]# firewall-cmd --permanent --zone=api --add-service=http
 [root@$host ~]# firewall-cmd --permanent --zone=api --add-source=10.0.1.11
 [root@$host ~]# firewall-cmd --reload

Verify That the Problem Is Resolved

From Client1 (10.0.1.11), run:

curl -I 10.0.1.10

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Firewall Troubleshooting

About this Hands-on Lab

Learning Objectives

Additional Resources

What are Hands-on Labs

Newsletter