Moving to GN3 world…
In GNS3, we add 3 routers: R1, R2, and R3 corresponding to different security zones that are represented by cloud objects. Each cloud object maps to its corresponding Loopback (previously created) and through those loopback to virtual box objects thus VMs.
When adding links from routers to cloud objects we may encounter this error in GNS3 console.
As a workaround we apply this command in cmd: sc config npf start= auto, and restart the PC.
Back to our gateways and push the policy
From SmartDashboard (connected to our SM) we’re ready to get gateway topology information,
and push our first policy (with traceable rules) that allows our management traffic and a test traffic (pings) from dmz router (R1) to intranet (R3) using their directly attached interfaces to zones.
To achieve this we configure our routers with default routes to firewalls.
SmartView in action
A quick wrap up
In this post, using only a windows PC we’ve created 3 VM machines to emulate our firewall (gateways) and their manager (SM). 3 loopback interfaces was created on windows to simulate a switch operation to connect those VM interfaces to the cloud objects in GNS3. Each cloud in GNS3 maps to the corresponding VM interface through the windows interface (internal switch). GNS3 clouds connects the corresponding emulated routers (networks). These routers are logically separated and any trafic from those router should pass by the cloud objet reach the loopback windows interface before reaching the VM interface at the firewall where the policy is applied…
