On your Windows 11 VM, open Edge and navigate to the IP address of the pfSense firewall (https:\10.0.1.1).
You will get a warning as seen below because pfSense uses a self-signed certificate. Select Advanced and then Accept the Risk and Continue.
Then you will be presented with a link to continue and a warning. This warning is because pfSense uses a self-signed certificate.
You will then be presented with a logon page. The default login is U:admin PW: pfsense
Select next.
Select Next again.
You can change the hostname if you’d like. You can also change the domain. Uncheck Override DNS and select Next.
Change the timezone and click Next
Scroll to the bottom of the page and uncheck the Block RFC1918 Private Networks and select Next
Do not change any values and select next.
Change Admin Password and select Next
Select “Reload”
Then select Finish
Select Accept
Select Close.
We still have more configurations.
Go to Interfaces and select LAN
Change the description to “ECorp” and select “Save”
Select Apply Changes.
Change the name of the OPT1 interface.
Type in “Attack LAN” and select save.
Apply changes.
Go to Services and select DNS Resolver
Scroll down to the bottom of the page and check both DHCP Registration and Static DHCP.
Scroll back up the page and select Advanced Settings.
Then scroll down to Advanced Resolver Options and enable Prefetch Support and Prefetch DNS Key Support.
Then scroll down and select “Save”.
Select Apply Changes
Now go to System and Advanced
Then Select Networking
Scroll down to Network Interfaces and enable Hardware Checksum Offloading. Then select “Save”
Select OK
Login with the new password you set up.
Once logged in go to Status and drop down to DHCP Leases.
We can see the Windows 11 IP.
Select the + Sign under Actions
Insert the IP address 10.0.1.2
Scroll down and select Save
Apply the changes
To make the change open a command prompt on Win 11 VM and type in the following command:
ipconfig /release
ipconfig /renew
As seen below, when running ipconfig /renew, it picks up the static IP we creared, 10.0.1.2.
Create an alias by going to Firewall and select Aliases
Then select “add”
Make the changes seen below and save it.
Apply the changes
Go back to pfSense dashboard to configure Firewall Rules.
Go to the ECorp tab and select add rule to the bottom.
Make the changes seen below and select Save. This allows ECorp devices to communicate.
Apply Changes
Add another rule at the bottom
Make the changes seen below. This rule allows communications between ECorp and the AttackLAN.
Apply changes.
Select another rule at the bottom.
Make the changes seen below and select save.
Add one more rule at the bottom to block anything that is not specified by an earlier rule.
Make the changes seen below.
Apply changes
Go to the AttackLAN
Select add a rule at the bottom.
Make the changes seen below and select save.
Apply Changes
Select a rule at the bottom.
Add the rule below.
Select Apply Changes.
Note that if you ever need for Kali Linux to have an internet connection, to update or install new tools, you will need to disable this rule.
To disable a rule, select the edit icon (pencil icon).
Then select the disable this rule. Select Save and Apply Changes.
Create another Firewall Rule at the bottom of the LAN Interface.
Make the following options and select Save.
This rule will block any traffic attempting to go to the WAN subnets. The reason we want to do this is the WAN address is likely you home router (if you selected Bridged on the WAN interface) or VirtualBox IPs (if you selected NAT for your WAN interface). Regardless, this rule in addition to the previous rule will block any traffic from Kali Linux.
Then select Apply changes.
Go to Diagnostics and Reboot.
Choose Normal Reboot and select Submit.
