-
Notifications
You must be signed in to change notification settings - Fork 0
/
Ludus-DefaultAD-AllowInternet
74 lines (73 loc) · 1.78 KB
/
Ludus-DefaultAD-AllowInternet
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# Same as default configuration but allows for internet during testing mode for the Windows servers. This allows
# us to setup Defender on the boxes without issue.
ludus:
- vm_name: "{{ range_id }}-ad-dc-win2022-server-x64"
hostname: "{{ range_id }}-DC01-2022"
template: win2022-server-x64-template
vlan: 10
ip_last_octet: 11
ram_gb: 8
cpus: 4
windows:
sysprep: false
domain:
fqdn: ludus.domain
role: primary-dc
testing:
snapshot: true
block_internet: false
- vm_name: "{{ range_id }}-ad-win11-22h2-enterprise-x64-1"
hostname: "{{ range_id }}-WIN11-22H2-1"
template: win11-22h2-x64-enterprise-template
vlan: 10
ip_last_octet: 21
ram_gb: 8
cpus: 4
windows:
install_additional_tools: true
office_version: 2019
office_arch: 64bit
domain:
fqdn: ludus.domain
role: member
testing:
snapshot: true
block_internet: false
- vm_name: "{{ range_id }}-kali"
hostname: "{{ range_id }}-kali"
template: kali-x64-desktop-template
vlan: 99
ip_last_octet: 1
ram_gb: 8
cpus: 4
linux: true
testing:
snapshot: false
block_internet: false
network:
inter_vlan_default: REJECT
rules:
- name: Only allow windows to kali on 443
vlan_src: 10
vlan_dst: 99
protocol: tcp
ports: 443
action: ACCEPT
- name: Only allow windows to kali on 80
vlan_src: 10
vlan_dst: 99
protocol: tcp
ports: 80
action: ACCEPT
- name: Only allow windows to kali on 8080
vlan_src: 10
vlan_dst: 99
protocol: tcp
ports: 8080
action: ACCEPT
- name: Allow kali to all windows
vlan_src: 99
vlan_dst: 10
protocol: all
ports: all
action: ACCEPT