Lab assignment #2

Your mission today is to set up a virtual private network (VPN). This network will be used to distribute multimedia content.

Your goal is to make the network as large and complicated as possible. The network must consist of at least two sub-networks which must be connected by routers. There should be at least two entrance points.

To set up the VPN, you should first create a certificate authority (CA). Have this CA sign the certificates of each VPN server and client on your network.
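One way to carry out this step with the openssl command-line tool, as an added example that is not part of the original assignment. The subject names (Lab VPN CA, vpn-server, vpn-client), key size and lifetimes are assumptions. Each certificate is restricted to one role, so a certificate issued to a client is not accepted in the server role.

```sh
# Added example, not from the assignment: a CA plus role-restricted VPN certificates.
# Assumed names: "Lab VPN CA", vpn-server, vpn-client; key size and lifetimes are arbitrary.
set -eu
umask 077   # private keys are written unencrypted (-nodes); keep them owner-only
# Write a minimal OpenSSL config with one extension section per role into directory $1.
write_cnf() {
cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = overridden-by-subj
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[server_ext]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
[client_ext]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = clientAuth
EOF
}

# make_ca DIR: create the self-signed CA key and certificate in DIR.
make_ca() {
    openssl req -x509 -config "$1/pki.cnf" -extensions ca_ext -newkey rsa:2048 -nodes \
        -days 365 -subj "/CN=Lab VPN CA" -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# issue DIR NAME ROLE: make a key and CSR for NAME, then sign it as ROLE (server|client).
issue() {
    openssl req -new -config "$1/pki.cnf" -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" -CAcreateserial \
        -days 90 -extfile "$1/pki.cnf" -extensions "${3}_ext" -out "$1/$2.crt" 2>/dev/null
}

# accepts DIR NAME PURPOSE: succeed only if NAME.crt chains to the CA and fits PURPOSE.
accepts() {
    openssl verify -CAfile "$1/ca.crt" -purpose "$3" "$1/$2.crt" >/dev/null 2>&1
}

dir=$(mktemp -d); write_cnf "$dir"; make_ca "$dir"
issue "$dir" vpn-server server; issue "$dir" vpn-client client
accepts "$dir" vpn-server sslserver && echo "server certificate accepted as server"
accepts "$dir" vpn-client sslserver || echo "client certificate rejected as server"
```

Only ca.crt and each member's own certificate and key leave the CA machine; ca.key stays there.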

Inside the network, set up an HTTP server. Have it serve multiple audio and video files. Make the same files available also over FTP, NFS and SMB.

Describe how you completed the tasks above in 8 files:

  • keys.txt - how you created the CA, all the keys and certificates, 2 points.
  • vpn.txt - how you set up the VPN network, 1 point
  • smb.txt - how you set up the SMB server, 1 point
  • http.txt - how you set up the HTTP, FTP and NFS servers, 1 point
  • network.svg - a schematic (picture) of your network in a vector format. Obligatory, 0 points.
  • routing.txt - a description of how you set up the routing tables, 1 point
  • members.txt - a list of VPN members. The file should contain three columns: the IP of each computer; the name and surname of the computer's owner; the country that the computer's owner is a citizen of. The columns should be separated by commas. Maximum - 2 points.
  • auth.txt - A description of how you configured authorization on servers. 1 point.

An additional two points will be awarded to the group which sets up the largest network. The size of the network will be judged as follows:

  • the number of computers in the network, 1 point / computer.
  • the number of students connected, 2 points / student.
  • the number of nations that the network connects, 4 points / citizenship.

To get a higher grade, make sure that there is a "TV channel" available on the network. This channel should broadcast video content. You can also configure the network so that the content is available over multicast. Secretly, you can also use the VPN to re-transmit the IPTV signal that gets sent to your home. You can make all the necessary user data available to all the servers in the network (e.g. through RADIUS). The user data may be stored in a database, preferably one accessible over LDAP.

Describe what you have done in the following files:

  • streaming.txt - how you set up video streaming, 1 point
  • dlna.txt - how you set up a multimedia server for modern appliances, 1 point
  • multicast.txt - how you set up multicast, 2 points.
  • radius.txt - how you set up authentication for all servers, 2 points.
  • ldap.txt - how you set up a common database for all users, 3 points
  • iptv.txt - how you set up IP, terrestrial or satellite TV forwarding, 3 points
  • polz.crt - a signed certificate which Polz can use to connect to your VPN.
  • polz.cfg - a configuration file Polz can use to connect to your network. The keys will be placed in the same directory as this configuration file.
  • ca.crt - the certificate of the CA which was used to sign the certificate of your server.
  • my_file.txt - a file containing a URL of a video or image file. This file should be accessible by anyone and should be downloadable using wget. The IP in the URL MUST be within your virtual network. If two students serve the same file, they will be called to defend their work individually. 3 points.

You must pack the files in the same manner as you did for the first lab assignment. In the case of improper formatting, 3 points will be deducted from your score.

Good luck!