diff --git a/Bou-LAN.conf b/Bou-LAN.conf new file mode 100644 index 0000000..e9d97e0 --- /dev/null +++ b/Bou-LAN.conf @@ -0,0 +1,13 @@ +pushd routing ip relay + +Install + +set global loglevel = ERROR + +add dhcpserver 192.168.8.1 + +add interface name = "Bou-LAN" + +set interface name = "Bou-LAN" relaymode = enable maxhop = 6 minsecs = 6 + +popd diff --git a/RTR-01.ps1 b/RTR-01.ps1 index eb6118e..f15fd06 100644 --- a/RTR-01.ps1 +++ b/RTR-01.ps1 @@ -9,8 +9,8 @@ $name = Read-host "Nouveau nom d'h Rename-computer $name # Install Routing and necessary linked roles -Install-WindowsFeature RemoteAccess, RSAT-RemoteAccess-PowerShell, Routing -Install-remoteAccess -VpnType Vpn +Install-WindowsFeature RemoteAccess, RSAT-RemoteAccess-PowerShell, Routing -IncludeManagementTools +#Install-remoteAccess -VpnType Vpn # Display interfaces and active forwarding for all of thm via Regedit netsh inter show inter @@ -19,12 +19,24 @@ Set-ItemProperty -path 'HKLM:\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet` Set-NetConnectionProfile -NetworkCategory Private # Activate NAT and DHCP Relay -netsh routing ip nat install -netsh routing ip nat add interface "WAN" -netsh routing ip nat set interface "WAN" mode = full -netsh routing ip nat add interface "Arc-CLI" -netsh routing ip nat add interface "Arc-SRV" -ntsh -f ./*.conf +netsh routing ip relay install + +netsh routing ip add interface name="WAN" state=enable + +netsh routing ip relay add interface "WAN" +netsh rout ip rel set int ARC-CLI min=0 +netsh routing ip relay add interface "Arc-CLI" +netsh rout ip rel set int ARC-SRV min=0 +netsh routing ip relay add interface "Arc-SRV" +netsh rout ip rel set int WAN min=0 +netsh routing ip relay add dhcpserver 192.168.8.1 + +set-service RemoteAccess -StartupType Automatic +Start-Service RemoteAccess + +netsh -f ./Arc-CLI.conf +netsh -f ./Arc-SRV.conf +netsh -f ./WAN.conf # Change ZoneAlarm rule to accept incoming ICMP ipv4 probes $Params = @{ diff --git a/RTR-03.ps1 b/RTR-03.ps1 new file mode 100644 index 0000000..5967519 --- /dev/null +++ b/RTR-03.ps1 @@ -0,0 +1,36 @@ +# Alexandre SIMAO +# GPLv3 + +# Script to install and configure a Fuckdows Server 2016 as a router +# RTR-03 Only + +# Change the poor machine name +$name = Read-host "Nouveau nom d'hôte?" +Rename-computer $name + +# Install Routing and necessary linked roles +Install-WindowsFeature RemoteAccess -IncludeManagementTools +set-service RemoteAccess -StartupType Automatic +Start-Service RemoteAccess + +# Activate NAT + +netsh routing ip nat install +netsh routing ip nat add interface name="WAN" mode=PRIVATE +netsh routing ip nat add interface name="Aston" mode=FULL + +# Change ZoneAlarm rule to accept incoming ICMP ipv4 probes +$Params = @{ + "Name" = 'vm-monitoring-icmpv4' + "Action" = 'Allow' +} + +Set-NetFirewallRule @Params + +# Add routes + +route add -p 0.0.0.0/0 10.94.2.137 +route add -p 192.168.8.0/24 192.168.255.8 +route add -p 192.168.12.0/24 192.168.255.8 +route add -p 192.168.128.0/24 192.168.255.128 +route add -p 192.168.255.0/24 192.168.255.254 \ No newline at end of file diff --git a/SRV-01_DHCP.ps1 b/SRV-01_DHCP.ps1 index 59acb9a..e7ed32e 100644 --- a/SRV-01_DHCP.ps1 +++ b/SRV-01_DHCP.ps1 @@ -42,19 +42,20 @@ Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft` \Serve Add-DhcpServerv4Scope -name "Arc-SRV" -StartRange 192.168.8.1 -EndRange 192.168.8.254 -SubnetMask 255.255.255.0 -State Active Add-DhcpServerv4ExclusionRange -ScopeID 192.168.8.0 -StartRange 192.168.8.1 -EndRange 192.168.8.63 Add-DhcpServerv4ExclusionRange -ScopeID 192.168.8.0 -StartRange 192.168.8.240 -EndRange 192.168.8.254 -Set-DhcpServerv4OptionValue -OptionID 3 -Value 192.168.8.254 -Set-DhcpServerv4OptionValue -DnsServer 9.9.9.9 +Set-DhcpServerv4OptionValue -ScopeId 192.168.8.0 -OptionID 3 -Value 192.168.8.254 Add-DhcpServerv4Scope -name "Arc-CLI" -StartRange 192.168.12.1 -EndRange 192.168.12.254 -SubnetMask 255.255.255.0 -State Active Add-DhcpServerv4ExclusionRange -ScopeID 192.168.12.0 -StartRange 192.168.12.1 -EndRange 192.168.12.63 Add-DhcpServerv4ExclusionRange -ScopeID 192.168.12.0 -StartRange 192.168.12.240 -EndRange 192.168.12.254 -Set-DhcpServerv4OptionValue -OptionID 3 -Value 192.168.12.254 -Set-DhcpServerv4OptionValue -DnsServer 9.9.9.9 +Set-DhcpServerv4OptionValue -ScopeId 192.168.12.0 -OptionID 3 -Value 192.168.12.254 Add-DhcpServerv4Scope -name "Bou-LAN" -StartRange 192.168.128.1 -EndRange 192.168.128.254 -SubnetMask 255.255.255.0 -State Active Add-DhcpServerv4ExclusionRange -ScopeID 192.168.128.0 -StartRange 192.168.128.1 -EndRange 192.168.128.63 Add-DhcpServerv4ExclusionRange -ScopeID 192.168.128.0 -StartRange 192.168.128.240 -EndRange 192.168.128.254 -Set-DhcpServerv4OptionValue -OptionID 3 -Value 192.168.128.254 +Set-DhcpServerv4OptionValue -ScopeId 192.168.128.0 -OptionID 3 -Value 192.168.128.254 + +# Global DHCP options + Set-DhcpServerv4OptionValue -DnsServer 9.9.9.9 # Change ZoneAlarm rule to accept incoming ICMP ipv4 probes @@ -66,7 +67,8 @@ $Params = @{ Set-NetFirewallRule @Params -# Add routes +# Add routes for RTR-01 + route add -p 192.168.12.0/24 192.168.8.254 route add -p 192.168.255.0/24 192.168.8.254 route add -p 192.168.128.0/24 192.168.8.254 diff --git a/Sans titre1.ps1 b/Sans titre1.ps1 deleted file mode 100644 index 38a6987..0000000 --- a/Sans titre1.ps1 +++ /dev/null @@ -1,14 +0,0 @@ -# IP address or DnsHostName of your Dhcp Server -$dhcpServer = '192.168.8.1' - -# Name of the network adapter to enable DHCP on -$routerNetAdapterName = 'Ethernet1' - - -$dhcpAddress = [Net.Dns]::GetHostEntry($dhcpServer) -if(!$dhcpAddress){ - Write-Warning "Unable to identify IP address of [$dhcpServer]" - break -}else{ - $dhcpServerIP = $dhcpAddress.AddressList[0] -} \ No newline at end of file