EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFLAB : Configure WAF to block Web traffic
LAB : Configure WAF to block web traffic in AWS.
Topology:
Refer below topology to configure WAF.
Task :
- Create Security Group for Load Balancer, here we will be using default SG which allows all traffic.
- Create the web servers in Default VPC
- Create a Load Balancer: Dclessons-App-LB and test the traffic from it.
- Create an IP Set: Dclessons-IP-Set along with web ACL named Dclessons-Web-ACL
- Testing the working of the WAF with blocking and Unblocking the IP
Solution:
Launching EC2 Instance:
Launch EC2 instance, refer below figure to configure it.
In Advance Setting, under user Data Section, use below Script.
#!/bin/bash
sudo su
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo " This is Dclessons Response coming from server A" > /var/www/html/index.html
Repeat the same script for Second EC2 instance
#!/bin/bash
sudo su
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo " This is Dclessons Response coming from server B" > /var/www/html/index.html
Creating Load Balancer:
In the EC2 Console, Navigate to Target Groups, present in the left panel under Load Balancing. | Click on the Create target group button.
Choose Instance Type: Instances | Target Group name: Dclessons-TG with protocol HTTP and port 80.
Select VPC: Default VPC , protocol Version: HTTP | Health Check: HTTP with Health Check path /index.html | Click Next.
Under Register Target , Select both EC2 instances and Click Include as pending Below.
Now go to Load balancer Section, Click to create Application load balancer | Under basic Configuration : Name: Dclessons-App-LB | Scheme: Internet facing | IP address type: IPV4. Under VPC: Select Default VPC and Subnet: Default-Sub-east-2a.
Under Security Group section: Select default Security Group and in Listeners and Routing:
Listener: HTTP:80, Protocol TCP , Port 80 and target Group : Dclessons-TG.
Click Create Load balancer.
Comment
TABLE OF CONTENTS
- LAB: Create a Custom VPC & test reachability between EC2 via Internet GW and NAT GW.
- LAB: Configure EC2 as VPN Server for Open VPN Connection
- LAB: Configure AWS Site to Site VPN Connection
- LAB: Configure Network Loadbalancer
- LAB : Configure Transit Gateway with Segmentation
- LAB :Configure Transit Gateway Peering between Two VPC
- LAB: Configure VPC Peering between Two VPC
- LAB : Configure VPC Endpoint to access S3
- LAB: Configure End to End VPC Endpoint Service
- LAB : Create VPC Flow Logs and Generate Traffic
- LAB : Configure WAF to block Web traffic
RECENT POSTS
- Advancing Your Career with Cisco Data Center Mastery: A Comprehensive Guide to Nexus Training
- Securing Networks in the Digital Age: Your Guide to Mastering Cisco Identity Services Engine (ISE)
- Becoming an AWS Solution Architect: Your Path to Cloud Expertise
- Navigating Your Journey to Docker Expertise: Master Docker with Comprehensive Training and Certification
- Transform Your Azure Networking Expertise Through AZ-700 Training
- Why Choose DClessons for Your SD-WAN Velocloud Training Needs
- Next-Level Networking: Unlocking Cisco ACI and DCACIA Potential with DClessons
- Mastering Data Center Technologies with DClessons: A Comprehensive Guide to Cisco CCIE Data Center Training
- Why Choose Cisco SD-WAN Solutions with DClessons?
- What is Docker and Why is It Important?
LEAVE A COMMENT
Please login here to comment.