5.4 Configure Firewall for DNS service

• Make sure that the "Firewall" virtual machine is running (see 4.2 Startup Firewall virtual machine)

You could log in directly on the virtual machine as user root, but connecting through SSH from your host PC makes it possible to copy and paste text into the console window.

• Open "Command Prompt" on your host computer

Write what is highlighted in red

Because the IP address of the firewall has changed since the last time you connected to it over SSH, you need to remove the old host key entry from your known_hosts file:

C:\Users\teddy>ssh-keygen -R

# Host found: line 3

C:\Users\teddy/.ssh/known_hosts updated.

Original contents retained as C:\Users\teddy/.ssh/known_hosts.old

Instead of "teddy", write the username you created on the master virtual machine:

C:\Users\teddy>ssh teddy@

The authenticity of host ' (' can't be established.

ECDSA key fingerprint is SHA256:xxxxxxxxxxxx+xxxxxxxxxxxxxxxxxxxxx/xxxxxxxx.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '' (ECDSA) to the list of known hosts.

teddy@'s password:write your user's password here

Last login: Wed Jan 1 10:05:00 2020 from

[teddy@firewall ~]$ su

Password:write the root password here

Edit the firewall bash file:

[root@firewall teddy]# cd /var/firewall

[root@firewall firewall]# vim

Add these lines to the end of the document:

# Open ports for the DNS service in the dmz zone

firewall-cmd --zone=dmz --add-service=dns

firewall-cmd --zone=dmz --add-service=mdns

# Forward DNS traffic from the external zone to the DNS server

firewall-cmd --zone=external --add-forward-port=port=53:proto=udp:toport=53:toaddr=

firewall-cmd --zone=external --add-forward-port=port=53:proto=tcp:toport=53:toaddr=

# Forward SSH traffic from the external zone to the DNS server using a dedicated port

firewall-cmd --zone=external --add-forward-port=port=22002:proto=tcp:toport=22:toaddr=

Save the document and quit vim

Shut down the system and exit "Command Prompt":

[root@firewall firewall]# shutdown -h now

Connection to closed by remote host.

Connection to closed.


Return to the "Firewall" virtual machine

Click "X" to close the virtual machine
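
The next time the firewall is running with these rules loaded, the external zone's forward list can be compared against the three forwards added above, so that a missing DNS forward or an unintended extra one is noticed. This is an added example, not part of the original guide; the function names `expected_forwards` and `audit_forwards`, the address 192.0.2.53 (a placeholder for the DNS server address the page leaves blank) and the sample list are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page.
# 192.0.2.53 below is a placeholder for the DNS server address,
# which the page leaves blank after "toaddr=".

# Print the three forward rules from the firewall script in the
# port=..:proto=..:toport=..:toaddr=.. form firewall-cmd uses.
expected_forwards() {
    printf 'port=53:proto=udp:toport=53:toaddr=%s\n' "$1"
    printf 'port=53:proto=tcp:toport=53:toaddr=%s\n' "$1"
    printf 'port=22002:proto=tcp:toport=22:toaddr=%s\n' "$1"
}

# Read a forward-port list on stdin (space or newline separated) and
# report every difference from the expected set. Returns 1 on any difference.
audit_forwards() {
    addr=$1
    actual=$(tr -s ' \t' '\n\n' | sed '/^$/d' | sort -u)
    rc=0
    for rule in $(expected_forwards "$addr"); do
        printf '%s\n' "$actual" | grep -Fxq -- "$rule" ||
            { echo "MISSING $rule"; rc=1; }
    done
    for rule in $actual; do
        expected_forwards "$addr" | grep -Fxq -- "$rule" ||
            { echo "UNEXPECTED $rule"; rc=1; }
    done
    return $rc
}

# Constructed sample: TCP/53 forward absent, one extra forward present.
SAMPLE='port=53:proto=udp:toport=53:toaddr=192.0.2.53
port=22002:proto=tcp:toport=22:toaddr=192.0.2.53
port=8080:proto=tcp:toport=8080:toaddr=192.0.2.99'

printf '%s\n' "$SAMPLE" | audit_forwards 192.0.2.53 ||
    echo "forward-port list differs from the firewall script"

# On the firewall itself (as root), feed it the live list instead:
#   firewall-cmd --zone=external --list-forward-ports | audit_forwards <DNS server address>
```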