Steps for Configuring the Fabrikam Corpnet Subnet

The Fabrikam Corpnet subnet is used to simulate a customer on-premises network infrastructure. A cross-premises VPN connection will be established later in order to access the cloud hoster network. There are four steps to setting up the Fabrikam Corpnet subnet on WNVHOST4.

1.     Configure DC1.

2.     Configure APP1.

3.     Configure EDGE1.

4.     Test access to resources on APP1.

The following sections provide details about how to perform these steps.

Step 1: Configure DC1

DC1 is a virtual machine running on the WNVHOST4 physical server. DC1 provides the following services:

·      A domain controller for the corp.fabrikam.com Active Directory Domain Services (AD DS) domain

·      A DNS server for the corp.fabrikam.com DNS domain

·      A DHCP server for the Fabrikam Corpnet subnet

DC1 configuration consists of the following:

·      Install the operating system

·      Configure TCP/IP

·      Install Active Directory and DNS

·      Install DHCP

·      Create a user account in Active Directory

Install the operating system on DC1

First, install Windows Server 2012 R2 as a standalone server.

To install the operating system on DC1

1.   Start the installation of Windows Server 2012 R2.

2.   Follow the instructions to complete the installation, specifying Windows Server 2012 R2 (full installation) and a strong password for the local Administrator account. Log on using the local Administrator account.

3.   Connect DC1 to a network that has Internet access and run Windows Update to install the latest updates for Windows Server 2012 R2.

4.   Connect DC1 to the Fabrikam_Corpnet virtual switch on WNVHOST4.

Configure TCP/IP properties on DC1

Next, configure the TCP/IP protocol with a static IP address of 10.0.0.1 and the subnet mask of 255.255.255.0.

To configure TCP/IP on DC1

1.     In Server Manager, click Local Server in the console tree. Click the link next to Ethernet.

2.     In Network Connections, right-click Ethernet, and then click Properties.

3.     Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

4.     Select Use the following IP address. In IP address, type 10.0.0.1. In Subnet mask, type 255.255.255.0. In Default gateway, type 10.0.0.2. Select Use the following DNS server addresses. In Preferred DNS server, type 127.0.0.1.

5.     Click OK and then close the Ethernet Properties dialog.

6.     Close the Network Connections window.

7.     From the Tools menu in Server Manager, click Windows PowerShell.

8.     To configure the firewall to allow ICMPv4 ping packets, type the following commands and press ENTER after each command.

New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4

New-NetFirewallRule -DisplayName "Allow ICMPv4-Out" -Protocol ICMPv4 -Direction Outbound

9.     Close the Windows PowerShell window.

10.  In Server Manager, click Local Server in the console tree. Click the link next to Computer name in the Properties tile.

11.  On the Computer Name tab of the System Properties dialog, click Change.

12.  In Computer name, type DC1, click OK twice, and then click Close. When you are prompted to restart the computer, click Restart Now.

13.  After restarting, log in using the local Administrator account.

Configure DC1 as a domain controller and DNS server

Next, configure DC1 as a domain controller and DNS server for the corp.fabrikam.com domain.

To configure DC1 as a domain controller and DNS server

1.   Launch Server Manager.

2.   On the Dashboard screen, under Configure this local server, click Add roles and features.

3.   Click Next three times to get to the server role selection screen.

4.   In the Select Server Roles dialog, select Active Directory Domain Services. Click Add Features when prompted, and then click Next.

5.   In the Select features dialog, click Next.

6.   In the Active Directory Domain Services dialog, click Next.

7.   In the Confirm installation selections dialog, click Install. Wait for the installation to complete.

8.   In the Installation Progress dialog, click the Promote this server to a domain controller link.

Note: If you close the "Installation Progress" dialog before it presents the promotion link, click the gray Tasks flag in the upper right section of Server Manager. When the installation is complete you will see the Promote this server to a Domain Controller link.

9.   In the Deployment Configuration dialog, select Add a new forest. In the Root domain name field, type corp.fabrikam.com. Click Next.

10.  In the Domain Controller Options dialog, leave the default values, specify a strong DSRM password twice, and then click Next four times to accept default settings for DNS, NetBIOS, and directory paths.

11.  In the Review Options dialog, review your selections and then click Next.

Note: You can also click the View script button to review and save the PowerShell commands that Server Manager will run during DC Promotion.

12.  In the Prerequisites Check dialog, allow the validation to complete and verify that no errors are reported. Since this is the first DNS server deployment in the forest, you can safely ignore all warnings regarding DNS delegation. Click Install to start the domain controller promotion. Allow the installation to complete.

13.  Allow the domain controller to restart. After the server restarts, log on using the CORP\Administrator credentials.

Install and configure DHCP on DC1

Next, configure DC1 as a DHCP server so that remote computers can automatically obtain an IP address when establishing site-to-site VPN connections.

To install and configure the DHCP server role on DC1

1.     In the Dashboard console of Server Manager, under Configure this local server, click Add roles and features.

2.     Click Next three times to get to the server role selection screen.

3.     In the Select server roles dialog, select DHCP Server, click Add Features when prompted, and then click Next.

4.     In the Select features dialog, click Next.

5.     Click Next on the DHCP Server screen, and then click Install.

6.     Allow the installation to complete, and then in the Results window, click the link for Complete DHCP configuration.

7.     In the DHCP Post-Install configuration wizard, click Next, and then click Commit.

8.     On the Summary page, click Close.

9.     In the Add Roles and Features Wizard, click Close.

10.  From the Tools menu in Server Manager, click DHCP.

11.  In the DHCP console tree, expand dc1.corp.fabrikam.com, and click IPv4. Right-click IPv4, and click New Scope.

12.  Click Next in the New Scope Wizard.

13.  Type Corpnet for scope name, and then click Next.

14.  Next to Start IP Address, type 10.0.0.100, next to End IP Address, type 10.0.0.200, and next to Subnet Mask, type 255.255.255.0.

15.  Click Next eight times to accept all scope option default settings, and then click Finish.

16.  Close the DHCP Manager console.

 

Create a user account in Active Directory on DC1

Next, create a user account in Active Directory that will be used when logging in to CORP domain member computers.

To create a user account in Active Directory

1.     From the Tools menu in Server Manager, click Active Directory Administrative Center.

2.     In the console tree, click the arrow to expand corp (local), and then double-click Users. This adds Users as a recent navigation link in the console tree.

3.     In the Tasks pane, click New, and then click User.

4.     In the Create User dialog, type User1 next to Full name and type User1 next to User SamAccountName logon: corp\.

5.     In Password, type the password that you want to use for this account, and in Confirm password, type the password again.

6.     Under Password options, select Other password options, and select Password never expires.

7.     Scroll down to access the Member of section of the Create User dialog, and click Add. Type Domain Admins; Enterprise Admins, and then click OK.

8.     Click OK to close the Create User dialog.

9.     Exit the Active Directory Administrative Center.

10.  Sign out of DC1 as the Administrator user, and then sign in using the User1 account.
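
A read-only check of what Step 1 built on DC1, added here as an example that is not part of the original guide: it reports the domain name, DNS resolution of DC1, DHCP authorization and the Corpnet scope, and the account flags and group memberships that User1 received. The function name Get-Dc1LabState and its property names are assumptions for illustration.

```powershell
# Added example, not from the original guide. Read-only.
# Run in an elevated Windows PowerShell session on DC1 after the promotion
# restart, signed in with a CORP domain administrator account.
Import-Module ActiveDirectory, DhcpServer

function Get-Dc1LabState {
    # Scope created in the New Scope Wizard (name Corpnet, 10.0.0.100-10.0.0.200)
    $scope = Get-DhcpServerv4Scope | Where-Object { $_.Name -eq 'Corpnet' }

    # Account created in Active Directory Administrative Center
    $user = Get-ADUser -Identity User1 -Properties PasswordNeverExpires

    # A record that DC1 registered for itself in the corp.fabrikam.com zone
    $dns = Resolve-DnsName -Name dc1.corp.fabrikam.com -Type A -ErrorAction SilentlyContinue

    [pscustomobject]@{
        DomainDnsRoot        = (Get-ADDomain).DNSRoot
        Dc1ResolvesTo        = @($dns.IPAddress) -join ','
        # The post-install wizard's Commit step authorizes the server in AD
        DhcpAuthorizedInAD   = [bool](Get-DhcpServerInDC |
                                   Where-Object { $_.DnsName -eq 'dc1.corp.fabrikam.com' })
        ScopeRange           = '{0}-{1}' -f $scope.StartRange, $scope.EndRange
        ScopeState           = $scope.State
        User1Enabled         = $user.Enabled
        User1PwdNeverExpires = $user.PasswordNeverExpires
        # Includes Domain Admins and Enterprise Admins when step 7 was followed
        User1Groups          = (Get-ADPrincipalGroupMembership -Identity User1 |
                                   Sort-Object Name).Name -join '; '
    }
}

Get-Dc1LabState | Format-List
```

Keeping the output with the lab notes records which privileged memberships and non-expiring passwords exist in the CORP domain when the lab is later extended or torn down.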

 

 

Step 2: Configure APP1

APP1 is a virtual machine running on the WNVHOST4 server. APP1 provides web and file sharing services. APP1 configuration consists of the following:

·      Install the operating system.

·      Configure TCP/IP.

·      Join the computer to the domain.

·      Install the Web Server (IIS) role.

·      Create a shared folder.

Install the operating system on APP1

To install the operating system on APP1

1.   Start the installation of Windows Server 2012 R2.

2.   Follow the instructions to complete the installation, specifying a strong password for the local Administrator account. Log on using the local Administrator account.

3.   Connect APP1 to a network that has Internet access and run Windows Update to install the latest updates for Windows Server 2012 R2.

4.   Connect APP1 to the Fabrikam_Corpnet virtual switch on WNVHOST4.

Configure TCP/IP properties on APP1

To configure TCP/IP properties on APP1

1.     In Server Manager, click Local Server in the console tree. Click the link next to Ethernet in the Properties tile.

2.     In Network Connections, right-click Ethernet, and then click Properties.

3.     Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

4.     Select Use the following IP address. In IP address, type 10.0.0.3. In Subnet mask, type 255.255.255.0.

5.     Select Use the following DNS server addresses. In Preferred DNS server, type 10.0.0.1.

6.     Click OK, and then click Close. Close the Network Connections window.

7.     From the Tools menu in Server Manager, click Windows PowerShell.

8.     To configure the firewall to allow ICMPv4 ping packets, type the following commands and press ENTER after each command.

New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4

New-NetFirewallRule -DisplayName "Allow ICMPv4-Out" -Protocol ICMPv4 -Direction Outbound

9.     To check name resolution and network communication between APP1 and DC1, type ping dc1.corp.fabrikam.com in the Windows PowerShell window and press ENTER.

10.  Verify that there are four replies from 10.0.0.1.

11.  Close the Windows PowerShell window.

 

 

Join APP1 to the CORP domain

To join APP1 to the CORP domain

1.     In Server Manager, click Local Server in the console tree. Click the link next to Computer name in the Properties tile.

2.     In the System Properties dialog box, click the Computer Name tab. On the Computer Name tab, click Change.

3.     In Computer Name, type APP1. Under Member of, click Domain, and then type corp.fabrikam.com.

4.     Click OK.

5.     When you are prompted for a user name and password, type User1 and its password, and then click OK.

6.     When you see a dialog box welcoming you to the corp.fabrikam.com domain, click OK.

7.     When you are prompted that you must restart the computer, click OK.

8.     On the System Properties dialog box, click Close.

9.     When you are prompted to restart the computer, click Restart Now.

10.  After the computer restarts, click the Switch User arrow icon, then click Other User and log on to the CORP domain with the User1 account.

 

Install the Web Server (IIS) role on APP1

Next, install the Web Server (IIS) role to make APP1 a web server.

To install the Web Server (IIS) server role

1.     In the Dashboard console of Server Manager, click Add roles and features.

2.     Click Next three times to get to the server role selection screen.

3.     In the Select Server Roles dialog, select Web Server (IIS), and then click Next.

4.     Click Next three times to accept the default Web Server role settings, and then click Install.

5.     Allow the installation to complete, and then click Close.

 

 

Create a shared folder on APP1

Next, create a shared folder and a text file within the folder.

To create a shared folder

1.     From the desktop taskbar, click File Explorer.

2.     Expand This PC, and then double-click Local Disk (C:).

3.     Right-click in the details pane, point to New, and then click Folder.

4.     Type Files, and then press ENTER. Leave the Local Disk window open.

5.     From the Start screen, click the down arrow for the All Apps link, and then type Notepad. Right-click Notepad, and then click Run as administrator.

6.     In the Untitled – Notepad window, type This is a shared file.

7.     Click File, click Save, double-click This PC, double-click Local Disk (C:), and then double-click the Files folder.

8.     In File name, type Example.txt, and then click Save. Close the Notepad window.

9.     In the Local Disk window, right-click the Files folder, point to Share with, and then click Specific people.

10.  Click Share, and then click Done.

11.  Close the Local Disk window.

 

Step 3: Configure EDGE1

EDGE1 is a virtual machine running on the WNVHOST4 server. EDGE1 configuration consists of the following:

·      Install the operating system.

·      Configure TCP/IP.

·      Join the computer to the domain.

EDGE1 must have two network adapters installed. Connect one adapter to the Fabrikam_Corpnet virtual switch on WNVHOST4, and connect the second adapter to the Internet virtual switch on WNVHOST4.

Install the operating system on EDGE1

First, install Windows Server 2012 R2 as a standalone server.

To install the operating system on EDGE1

1.     Start the installation of Windows Server 2012 R2.

2.     Follow the instructions to complete the installation, specifying Windows Server 2012 R2 (full installation) and a strong password for the local Administrator account. Log on using the local Administrator account.

3.     Connect EDGE1 to a network that has Internet access and run Windows Update to install the latest updates for Windows Server 2012 R2.

4.     Connect one network adapter to the Fabrikam_Corpnet virtual switch and the other to the Internet virtual switch on WNVHOST4.

Configure TCP/IP properties on EDGE1

Configure the TCP/IP protocol with static IP addresses on both interfaces.

To configure TCP/IP properties on the Corpnet adapter

1.     In Server Manager, click Local Server in the console tree. Click the link next to Ethernet in the Properties tile.

2.     In Network Connections, right-click the network connection that is connected to the Corpnet subnet, and then click Rename.

3.     Type Corpnet, and then press ENTER.

4.     Right-click Corpnet, and then click Properties.

5.     Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

6.     Select Use the following IP address. In IP address, type 10.0.0.2. In Subnet mask, type 255.255.255.0.

7.     Select Use the following DNS server addresses. In Preferred DNS server, type 10.0.0.1.

8.     Click Advanced, and then the DNS tab.

9.     In DNS suffix for this connection, type corp.fabrikam.com, and then click OK three times to close the network properties dialog.

10.  In the Network Connections window, right-click the network connection that is connected to the Internet subnet, and then click Rename.

11.  Type Internet, and then press ENTER.

12.  Right-click Internet, and then click Properties.

13.  Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

14.  Select Use the following IP address. In IP address, type 131.107.0.5. In Subnet mask, type 255.255.255.0.

15.  Select Use the following DNS server addresses. In Preferred DNS server, type 131.107.0.1.

16.  Click Advanced. Click the DNS tab.

17.  In DNS suffix for this connection, type isp.example.com, and then click OK three times to close the network properties dialog.

18.  Close the Network Connections window.

19.  From the Tools menu in Server Manager, click Windows PowerShell.

20.  To configure the firewall to allow ICMPv4 ping packets, type the following commands and press ENTER after each command.

New-NetFirewallRule -DisplayName "Allow ICMPv4-In" -Protocol ICMPv4

New-NetFirewallRule -DisplayName "Allow ICMPv4-Out" -Protocol ICMPv4 -Direction Outbound

21.  To check name resolution and network communication between EDGE1 and DC1, type ping dc1.corp.fabrikam.com in the Windows PowerShell window and press ENTER.

22.  Verify that there are four responses from 10.0.0.1.

23.  Close the Windows PowerShell window.
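
The inbound rule in step 20 has no ICMP type or interface filter, so on EDGE1 it matches every ICMPv4 type on both adapters, including the Internet adapter. The variant below is an added example, not part of the original guide: it limits the rule to echo requests arriving on the Corpnet adapter and then lists the effective filters of every matching rule. The display name "Allow ICMPv4-In (Corpnet)" and the function names are assumptions, and it assumes later lab steps do not need EDGE1 to answer pings on the Internet adapter.

```powershell
# Added example, not from the original guide. Run elevated on EDGE1.
# Assumes the adapters were renamed Corpnet and Internet as in the steps above.

function New-ScopedPingRule {
    param(
        [string]$DisplayName    = 'Allow ICMPv4-In (Corpnet)',  # hypothetical name
        [string]$InterfaceAlias = 'Corpnet'
    )
    # ICMPv4 type 8 is echo request, the only type ping needs inbound.
    New-NetFirewallRule -DisplayName $DisplayName -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 -InterfaceAlias $InterfaceAlias
}

function Get-PingRuleScope {
    # Flatten each matching rule and its filters into one row for review.
    param([string]$DisplayNamePattern = 'Allow ICMPv4*')

    Get-NetFirewallRule -DisplayName $DisplayNamePattern | ForEach-Object {
        $port  = $_ | Get-NetFirewallPortFilter
        $iface = $_ | Get-NetFirewallInterfaceFilter
        $addr  = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            DisplayName   = $_.DisplayName
            Enabled       = $_.Enabled
            Direction     = $_.Direction
            Profile       = $_.Profile
            IcmpType      = $port.IcmpType -join ','
            Interface     = $iface.InterfaceAlias -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    }
}

# If the unfiltered rule from step 20 already exists, turn it off so that
# only the scoped rule applies; no error is raised when it is absent.
Disable-NetFirewallRule -DisplayName 'Allow ICMPv4-In' -ErrorAction SilentlyContinue

New-ScopedPingRule | Out-Null
Get-PingRuleScope | Format-Table -AutoSize
```

Windows Firewall allows outbound traffic by default, so the ping from EDGE1 to DC1 in step 21 does not depend on the inbound rule on EDGE1.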

 

 

Join EDGE1 to the CORP domain

To join EDGE1 to the CORP domain

1.     In Server Manager, click Local Server in the console tree. Click the link next to Computer name in the Properties tile.

2.     In the System Properties dialog box, click the Computer Name tab. On the Computer Name tab, click Change.

3.     In Computer Name, type EDGE1. Under Member of, click Domain, and then type corp.fabrikam.com.

4.     Click OK.

5.     When you are prompted for a user name and password, type User1 and its password, and then click OK.

6.     When you see a dialog box welcoming you to the corp.fabrikam.com domain, click OK.

7.     When you are prompted that you must restart the computer, click OK.

8.     On the System Properties dialog box, click Close.

9.     When you are prompted to restart the computer, click Restart Now.

10.  After the computer restarts, click the Switch User arrow icon, then click Other User and log on to the CORP domain with the User1 account.

 

Step 4: Test access to resources on APP1

Test connectivity to file and web resources on APP1 from DC1 while APP1 is directly connected to the Fabrikam Corpnet subnet. Later, APP1 will be moved to the simulated hoster datacenter.

To test access to file and web resources on APP1

1.     Sign in to DC1 using the CORP\User1 domain account.

2.     From the desktop taskbar, click the File Explorer icon.

3.     In the address bar, type \\app1\Files, and then press ENTER.

4.     You should see a folder window with the contents of the Files shared folder.

5.     In the Files shared folder window, double-click the Example.txt file. You should see the contents of the Example.txt file.

6.     Close the Example - Notepad window.

7.     Close File Explorer.

8.     In Server Manager, select Local Server in the console tree.

9.     Under Properties for DC1, next to IE Enhanced Security Configuration, click On.

10.  Change the IE ESC option to Off for Administrators. Click OK.

11.  Launch Internet Explorer.

12.  In the address bar, type http://app1.corp.fabrikam.com and then press ENTER.

13.  Verify that the default Internet Information Services web page is displayed from APP1.

14.  Close Internet Explorer.
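
The checks in this procedure as a script, added here as an example that is not part of the original guide: it resolves APP1, tests the file-sharing port, reads Example.txt over the share and requests the default IIS page. The function name Test-App1Access and its parameters are assumptions; because it does not use Internet Explorer, it does not depend on the IE ESC change in steps 9 and 10.

```powershell
# Added example, not from the original guide.
# Run in Windows PowerShell on DC1 while signed in as CORP\User1.

function Test-App1Access {
    param(
        [string]$HostName   = 'app1.corp.fabrikam.com',
        [string]$ExpectedIp = '10.0.0.3',
        [string]$FilePath   = '\\app1\Files\Example.txt'
    )
    $result = [ordered]@{ DnsMatches = $false; Smb445Open = $false; FileText = $null; HttpStatus = $null }

    # Name resolution through the DNS server on DC1
    $a = Resolve-DnsName -Name $HostName -Type A -ErrorAction SilentlyContinue
    $result.DnsMatches = @($a.IPAddress) -contains $ExpectedIp

    # TCP reachability of the SMB port used by the Files share
    $result.Smb445Open = (Test-NetConnection -ComputerName $HostName -Port 445 `
                              -WarningAction SilentlyContinue).TcpTestSucceeded

    # First line of the shared file created on APP1
    try {
        $result.FileText = Get-Content -Path $FilePath -ErrorAction Stop | Select-Object -First 1
    } catch {
        $result.FileText = "ERROR: $($_.Exception.Message)"
    }

    # Default IIS page; -UseBasicParsing avoids the Internet Explorer engine
    try {
        $result.HttpStatus = (Invoke-WebRequest -Uri "http://$HostName" -UseBasicParsing).StatusCode
    } catch {
        $result.HttpStatus = "ERROR: $($_.Exception.Message)"
    }

    [pscustomobject]$result
}

Test-App1Access | Format-List
```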