« prev :: next »


Connect to the hal9k-wifi WiFi Access Point. Then check your IP:

haxys@straylight:~$ ip a
3: wlp59s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 68:ec:c5:dd:3a:e2 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.100/24 brd 10.0.0.255 scope global dynamic noprefixroute wlp59s0
       valid_lft 7081sec preferred_lft 7081sec
    inet6 fe80::2c06:69cf:f0d0:1de7/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

As you can see, we’ve been assigned an IP in the 10.0.0.100-149 range, and if we ping 10.0.0.1, we can see we’re able to ping the OPNsense router:

haxys@straylight:~$ ping -c3 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=2.04 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=7.17 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=83.2 ms

--- 10.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 2.036/30.811/83.228/37.123 ms

On the host, you’ll want to disable auto-connect on enp2s0f0 and enp2s0f1, otherwise the host will also be available within the hacker lab.

Visit 10.0.0.1 in a browser, and login with your root credentials. Start the configuration wizard.

  • Hostname: OPNsense-CORE
  • Domain: hal9k.lab
  • Primary DNS: 1.1.1.2
  • Secondary DNS: 1.0.0.2
  • Override DNS: Yes
  • Enable Resolver: Yes
  • Enable DNSSec Support: No
  • Harden DNSSec Data: No
  • Time info: Defaults
  • Block RFC1918 Private Networks: No
  • Block bogon networks: No
  • Keep password the same.

Once it’s all configured, reload. Next, install any updates that may be available. This may take a few repetitions. Then, go ahead and shut down the system via the RDP connection. Create a new snapshot called “Interfaces Configured.”


« prev :: next »