Michael Kaminski

IT and cybersecurity enthusiast.

6 minute read

Project Pages

Homelab Project: Active Directory Setup Homelab Project: Integrating pfSense, Suricata and Splunk

Project Goals:

This project will consist of creating a virtualized homelab in Proxmox.I have already created several homelabs with Proxmox, but have not documented the process before. My primary goal is to gain hands-on experience with networking, firewalls, and Active Directory. After completing this initial setup I will be looking to experiment with other technologies, namely Snort and Splunk, but I shall walk before I run.

To start, this lab will be comprised of:

  • Proxmox v 8.0.3
  • pfSense v2.7.0
  • Windows Server 2019
  • Windows 10 Enterprise

Here is a basic diagram of what I will be setting up:

Hardware:

This homelab will be constructed using what I have available:

Dell Precision T3610:

This computer was dropped off at a previous job to be recycled. After disposing of the drives, I put in some new HDDs, stuffed it full of RAM and took it home for homelab purposes.

Specs:

  • Xeon E5-1620 v2
  • 32GB RAM
  • 1TB HDD x 2
  • One on-board NIC
  • Intel 4-port 10Gb NIC

Linksys MR3700 Series Smart Wi-Fi Router

Again, nothing crazy here. This is the router that was in place when I moved in.

Hypervisor (Proxmox):

For every homelab project I’ve created so far, I’ve used Proxmox. It is pretty straight forward to get up and running, very flexible, and just like the rest of my lab (minus a monitor, keyboard, and cables) is free.

Proxmox System Info: There’s plenty of resources online regarding the installation of Proxmox. The relevant specifications of my environment are as follows:

  • Proxmox VE v 8.0.3
  • Network:
Bridge Interface Description
vmbr0 enp0s25 Proxmox interface
vmbr1 enp3s0f3 pfSense WAN interface
vmbr2 N/A pfSense LAN interface
vmbr3 N/A pfSense OPT1 interface

vmbr0 and vmbr1 are the only two linux bridges that are assigned a physical port for the time being.

VM Setup:

This section will serve as reference to VM creation, OS installations, and some initial configuration.

Proxmox VM Creation:

This section contains the specs used for each VM, as well as any helpful resources which aided me or influenced my decisions.

pfSense VM:

Resource: https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html

Defaults used, unless stated otherwise.

  • General:
    • VM ID: 100
    • Name: pfSense
  • OS:
    • ISO image: pfSense-CE-2.7.0
    • Guest OS:
      • Type: Linux
      • Version: 6.x - 2.6 Kernel
  • System:
    • Graphic card: SPICE
    • Machine: Default (i440fx)
    • BIOS: Default (SeaBIOS)
    • SCSI Controller: VirtIO SCSI
    • Qemu Agent: disabled
    • Add TPM: disabled
  • Disks:
    • Bus/Device: VirtIO Block
    • Storage: local-lvm
    • Disk size: 32 GB
    • Cache: Default (No cache)
    • Discard: disabled
    • IO thread: enabled
  • CPU:
    • Sockets: 1
    • Cores: 1
    • Type: host
  • Memory:
    • Memory: 2048 MB
  • Network:
    • Bridge: vmbr1
    • Model: VirtIO (paravirtualized)
  • Confirm:
    • Start after created: disabled

Before Starting the VM

After creating the VM we will need to add several network adapters.

  • Click the newly created VM
  • Click Hardware
  • Add > Network Device
    • vmbr2 (ManagementNetwork)
    • vmbr3 (VictimNetwork)

Windows Server 2019 VM

Resource used: https://pve.proxmox.com/wiki/Windows_2019_guest_best_practices

Defaults used, unless stated otherwise.

  • General:
    • VM ID: 101
    • Name: DOMCON
  • OS:
    • ISO image: Windows Server 2019
    • Guest OS:
      • Type: Microsoft Windows
      • Version: 10/2016/2019
  • System:
    • Graphic card: Default
    • Machine: Default (i440fx)
    • BIOS: Default (SeaBIOS)
    • SCSI Controller: VirtIO SCSI
    • Qemu Agent: enabled
    • Add TPM: disabled
  • Disks:
    • Bus/Device: SCSI
    • Storage: local-lvm
    • Disk size: 64 GB
    • Cache: Write back
    • Discard: enabled
    • IO thread: enabled
  • CPU:
    • Sockets: 1
    • Cores: 1
    • Type: kvm64
  • Memory:
    • Memory: 4096 MB
  • Network:
    • Bridge: vmbr2
    • Model: VirtIO (paravirtualized)
  • Confirm:
    • Start after created: disabled

Before starting the VM

Before we start the VM and install Windows Server, we will need to add a second disk drive in order to install VirtIO drivers before installing Windows. These drivers are necessary for better RAM utilization, network connectivity via the virtual NIC, and most crucially, to interact with the virtual storage device.

  • Click newly created VM
  • Click Hardware tab
  • Add > CD/DVD Drive
    • ISO image: virtio-win.iso

Windows 10 Client VMs

Resource: https://pve.proxmox.com/wiki/Windows_10_guest_best_practices

Defaults used, unless stated otherwise.

  • General:
    • VM ID: 201
    • Name: WinUser1
  • OS:
    • ISO image: Windows 10 Enterprise
    • Guest OS:
      • Type: Microsoft Windows
      • Version: 10/2016/2019
  • System:
    • Graphic card: Default
    • Machine: Default (i440fx)
    • BIOS: Default (SeaBIOS)
    • SCSI Controller: VirtIO SCSI
    • Qemu Agent: enabled
    • Add TPM: disabled
  • Disks:
    • Bus/Device: SCSI
    • Storage: Clients
    • Disk size: 64 GB
    • Cache: Write back
    • Discard: enabled
    • IO thread: enabled
  • CPU:
    • Sockets: 1
    • Cores: 1
    • Type: kvm64
  • Memory:
    • Memory: 2048 MB
  • Network:
    • Bridge: vmbr3
    • Model: VirtIO (paravirtualized)
  • Confirm:
    • Start after created: disabled

Before starting the VM

Before we start the VM and install Windows 10, we will need to add a second disk drive for virtIO drivers.

  • Click newly created VM
  • Click Hardware tab
  • Add > CD/DVD Drive
    • ISO image: virtio-win.iso

Installing pfSense

  • Start the VM
  • Welcome Screen:
    • Install
  • Partitioning:
    • Auto (ZFS)
  • ZFS Configuration:
    • Leave defaults selected
    • Install
    • stripe
  • Complete:
    • Reboot

pfSense Initial Setup

  • Do VLANs need to be set up first?
    • n
  • Enter the WAN interface
    • vtnet0
  • Enter the LAN interface
    • vtnet1
  • Enter the Optional 1 interface
    • vtnet2
  • Type 2, to set interface(s) IP address
    • 1 - WAN
      • Configure IPv4 address WAN interface via DHCP?
        • n
      • Enter the new WAN IPv4 address
        • 192.168.1.3
      • Enter the WAN IPv4 subnet bit count
        • 24
      • For a WAN, enter the new WAN IPv4 upstream gateway address
        • 192.168.1.1
        • Set as default gateway
      • Do not configure IPv6 address
      • Do not enable DHCP server on WAN
      • Revert to HTTP as the webConfigurator protocol
    • 2 - LAN
      • Configure IPv4 address WAN interface via DHCP?
        • n
      • Enter the new LAN IPv4 address
        • 10.0.0.1
      • Enter the new LAN IPv4 subnet bit count
        • 26
      • Press enter for no upstream gateway address
      • Do not configure IPv6 address
      • Enabled DHCP server
      • DHCP range:
        • 10.0.0.10 - 10.0.0.62
    • 3 - OPT
      • Configure IPv4 address WAN interface via DHCP?
        • n
      • Enter the new LAN IPv4 address
        • 10.0.0.65
      • Enter the new LAN IPv4 subnet bit count
        • 26
      • Press enter for no upstream gateway address
      • Do not configure IPv6 address
      • Enabled DHCP server
      • DHCP range:
        • 10.0.0.74 - 10.0.0.126

Installing Windows Server

  • Start VM and let the Windows installer load
  • Select Windows Server 2019 Standard Evaluation (Desktop Experience)
  • Accept license terms
  • Custom: Install Windows only
  • Load drivers:
    • Browse
      • CD Drive: virtio-win-0.1.240 > vioscsi > 2k19 > amd64
      • CD Drive: virtio-win-0.1.240 > Balloon > 2k19 > amd64
      • CD Drive: virtio-win-0.1.240 > NetKVM > 2k19 > amd64
  • Select Drive 0 Unallocated Space > Next

After installation create a password for Administrator and sign in.

Installing Windows 10

  • Start VM and let the Windows installer load
  • Accept license terms
  • Custom: Install Windows only
  • Load drivers:
    • Browse
      • CD Drive: virtio-win-0.1.240 > vioscsi > w10 > amd64
      • CD Drive: virtio-win-0.1.240 > Balloon >w10 > amd64
      • CD Drive: virtio-win-0.1.240 > NetKVM > w10 > amd64
  • Select Drive 0 Unallocated Space > Next

That’s it for now, I’ll cover the Windows 10 setup and domain joining in this post.

pfSense Setup via webConfigurator

Now that the VMs have been created, and their operating systems are installed, access pfSense webConfigurator via browser from the Windows Server VM, and run through the setup wizard.

To do this, open a browser and navigate to “http://< pfSense LAN IP >”. In my case the LAN IP is 10.0.0.1.

General Information

  • Hostname: pfSense
  • Domain: home.arpa
  • Primary DNS Server: 8.8.8.8
  • Secondary DNS Server: 8.8.4.4
  • Allow DNS to be overridden: disable

Set time zone.

Configure WAN Interface

  • Block RFC1918 Private Networks
  • Block bogon networks

When setting up pfSense, the LAN interface will automatically generate firewall rules for accessing the internet and the rest of the network via IPv4 and IPv6. I will need to create the same rule for the OPT1 interface. For the purposes of this lab, I will be removing the IPv6 rule.

Navigate to Firewall > Rules > OPT1

  • Create:
    • Action: Pass
    • Interface: OPT1
    • Address Family: IPv4
    • Protocol: Any
    • Source: OPT1 net
    • Destination: Any

Now I will delete the IPv6 allow any rule for LAN.

  • Select LAN
  • Check box on IPv6 allow any rule
  • Click “Delete” button

Conclusion

Now I have the VMs created and a basic functional configuration for pfSense. Next, I will setup Active Directory!

You May Also Enjoy

TryHackMe - H4cked

11 minute read

This is a writeup for the H4cked room on TryHackMe. My coverage of this room will be in the format of an incident response report, and will include mapping t...

TryHackMe - Ignite

3 minute read

This is a write-up for the Ignite room on TryHackMe. The format of this write-up will be from the perspective of an incident responder. I will use the MITRE ...