CSCI 4331 : ENTERPRISE NETWORK

Group Project

Group Members:

No. Name Matric Number

1 Wan Aiman Bin Wan Ibrahim 2113615

2 Muhammad Irfan Zaki Bin Mohd Razali 2119015

3 Ahmad Nazrin Izwan Bin Ahmad Khalil 2112343

4 Nurizuan Nazrin Bin Komori 2113021

5 Umair Bin Mohd Yaziz 2123467

Lecturer: Dr. Zainab Senan Mahmod Attar Bashi

 TABLE OF CONTENT
1.0 Introduction 3
2.0 Objective 3
3.0 Methodology 4
3.1 Private Cloud Setup 4
1. Openstack Prerequisites 4
2. Step-by-step Openstack Installation 4
3. Openstack Installation Screenshots 6
4. Create new normal user 8
5. Create new project and assign volume for new user 8
3.2 Firewall Configuration 10
1. UFW Prerequisites 10
2. Step-by-step UFW Installation 10
3. UFW Configuration Screenshots 12
3.3 Linux Server Installation 15
3.4 Network Integration 16
4.0 Results 17
5.0 Appendices 18
Cloud Server 18
Firewall 20
Linux Integration 21

2
1.0 Introduction
This project aims to provide hands-on experience in network building with limited
resources by creating a private cloud protected by a firewall and incorporating a Linux server
with DHCP and email services. The project for a group of five students is to configure a Linux
server, set up a firewall using UFW in the Linux server for security, and build up a private cloud
using Open Stack (open-source cloud computing infrastructure software). To enable authorized
users to access cloud resources and services, the final network will be connected to the OpenWrt
Switch.

2.0 Objective
The primary objective of this project is to design and implement a secure and functional
private cloud network with the following components:
1. Private Cloud: Implemented using open-source cloud computing infrastructure
software, configured to allow authorized user access.
2. Firewall: Installed on a separate machine to protect the private cloud and enforce basic
filtering policies.
3. Linux Server: Configured to provide DHCP and Email services, installed either on a
dedicated machine or as a partition alongside another operating system.

3
3.0 Methodology

3.1 Private Cloud Setup

1. Openstack Prerequisites
a. A machine running Ubuntu (20.04 or later recommended).
b. Sudo privileges.

2. Step-by-step Openstack Installation

a. Set the hostname for your machine:
hostnamectl set-hostname openstack-controller
#This command sets the hostname of your machine to "openstack-controller"

b. Install MicroStack using the snap package manager:

sudo snap install microstack --beta
#This command installs MicroStack from the beta channel using snap.

c. Check if MicroStack has been installed successfully:

snap list microstack
#This command lists all installed snap packages and verifies that MicroStack is installed.

d. Initialize MicroStack with automatic configuration and set it as the control node:
sudo microstack init --auto --control
#This command initializes MicroStack with automatic configuration and sets up the current
machine as the control node.

e. Check the version of the OpenStack CLI provided by MicroStack:

microstack.openstack --version
#This command sets the hostname of your machine to "openstack-controller"

microstack openstack --v

#This command also prints the version of the OpenStack CLI. It is an alternative to the
previous command.

f. List the available images in OpenStack:

microstack.openstack image list
#This command lists all available images in your OpenStack deployment.

4
 g. List the available flavors in OpenStack:
microstack.openstack flavor list
#This command lists all available flavors in your OpenStack deployment.

h. Retrieve the keystone password configuration:

sudo snap get microstack config.credentials.keystone-password
#This command retrieves the keystone password from the MicroStack configuration.

i. Open a web browser and navigate to the Horizon dashboard URL provided in the
previous step. It typically looks like http://<your-machine-ip>/dashboard.

j. Use the admin username and password retrieved earlier to log in. The default
username is usually ‘admin’. Use the keystone password retrieved in h.

5
3. Openstack Installation Screenshots

Openstack Installation Process

Openstack Login Page

6
Openstack Admin Dashboard

Openstack Configuration

7
4. Create new normal user

5. Create new project and assign volume for new user

Edit Project Member

8
Openstack Project Dashboard

Modify Project Quota/Volume

9
 New Normal User Dashboard (10GB)

3.2 Firewall Configuration

1. UFW Prerequisites
a. A machine running Ubuntu (20.04 or later recommended).
b. Sudo privileges.
2. Step-by-step UFW Installation
a. Update package lists to ensure we get the latest version of UFW and other packages
sudo apt update
#Update package lists

b. Install UFW (Uncomplicated Firewall)

sudo apt install ufw
#Install UFW

c. Enable UFW to start protecting your system. This will also make UFW start on boot.
sudo ufw enable
#Enable UFW

d. Allow SSH connections to ensure you don't lose remote access to your server.
sudo ufw allow 22/tcp

10
#Allow SSH connections

e. Allow HTTP traffic on port 80. This is for web servers serving unencrypted web pages.
sudo ufw allow 80/tcp
#Allow HTTP traffic

f. Allow HTTPS traffic on port 443. This is for web servers serving encrypted web
pages.
sudo ufw allow 443/tcp
#Allow HTTPS traffic

g. Deny connection from server to the firewall and cloud server

sudo ufw deny insert 1 deny from 192.168.1.3 to 10.10.10.10
#Deny from server to firewall
sudo ufw deny insert 1 deny from 192.168.1.3 to 10.10.10.20
#Deny from server to cloud server

11
 h. Check the status of UFW and list the rules to ensure everything is set up correctly.
sudo ufw status numbered
#List out the firewall rules

i. This step is typically not necessary right after setting the rules. Only after we
added/changed the rules.
sudo ufw reload
#Reload UFW (if necessary)

j. Analyze the packets using Wireshark to ensure the firewall runs correctly
sudo wireshark
#Capture packets using Wireshark

3. UFW Configuration Screenshots

UFW Configuration Process

12
 Firewall Rules Applied

Before Firewall Rules Applied

13
After Firewall Rules Applied

14
3.3 Linux Server Installation

1. Linux Server Prerequisites

a. A dedicated machine or dual-boot setup with another OS.
b. Ubuntu Server ISO (Download from Ubuntu Server Download).

2. Set Up the Linux Server

a. Boot from the Ubuntu Server ISO:
i. Insert the bootable USB or DVD with the Ubuntu Server ISO.
ii. Restart the machine and boot from the USB/DVD.
b. Install Ubuntu Server:
i. Follow the on-screen instructions to install Ubuntu Server.
ii. Select language, keyboard layout, and network configuration.
iii. Set up the user and hostname.
iv. Partition the disk (for dual-boot, select the appropriate partition).

3. Install Necessary Packages

a. Update the package list:
sudo apt update
#Update package lists

b. Install DHCP server package:

sudo apt install isc-dhcp-server
#Update package lists

c. Install email server package:

sudo apt install postfix
#Update package lists

15
4. Configure the Server
a. Configure DHCP server:

i. Edit the DHCP configuration file:

sudo nano /etc/dhcp/dhcpd.conf

ii. Add the following configuration (adjust IP ranges as necessary):

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
option routers 192.168.1.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;
}

iii. Restart the DHCP service:

sudo systemctl restart isc-dhcp-server

b. Configure Postfix email server:

i. During installation, choose "Internet Site" and set the system mail name
(e.g., example.com).
ii. Edit the Postfix configuration file:
sudo nano /etc/postfix/main.cf

iii. Ensure the following lines are configured (adjust domain as necessary):
myhostname = mail.example.com
mydomain = example.com
myorigin = /etc/mailname
inet_interfaces = all

iv. Restart the Postfix service:

sudo systemctl restart postfix

16
3.4 Network Integration
a. Connect all components (private cloud, firewall, Linux server) into OpenWrt Switch.

OpenWrt router, acting as switch between cloud and LAN

b. Ensure seamless interaction and access for a normal user (fourth PC) to utilize the
network resources.
c. Test the network to confirm all components are functioning correctly and securely.

17
4.0 Results
The project resulted in a fully functional private cloud network with enhanced security measures
and essential services. Key outcomes include:
1. Successful Deployment of Private Cloud :
- Installed and configured open-source cloud computing software on a designated machine.
- Established network configurations to enable user access and resource management.

2. Effective Firewall Implementation:

- Set up and configured a firewall to safeguard the cloud environment.
- Applied filtering policies to block unwanted traffic and enhance security.

3. Operational Linux Server:

- Installed and configured a Linux server providing DHCP and Email services.
- Ensured reliable network administration and communication capabilities.

4. Integrated Network Functionality :

- Connected all components into a unified network.
- Enabled authorized user access to the cloud and services, validating the overall network setup
through successful testing and troubleshooting.

18
5.0 Appendices

Cloud Server

19
20
 Firewall

Set Interfaces Address

21
Linux Integration

SERVER DNS

22
 Cloud IP Address

Physical View of the Network

23
24
25
26