OK, so last night was 90 percent successful in the setup of the Hack Lab. I was able to set up the local network in VMware but was struggling with the install of Smoothwall Express 3.0. It seems there is an issue running it in VMware with a virtual SCSI drive, so I decided to download and try the Endian Community firewall. This firewall was impressive, with a nice GUI interface and options; however, I still came across a similar problem with the configuration and routing between the VMware bridged network and the VMNetx networks. The forum was a bit sketchy when it comes to deploying in VMware, so I could not find the result I wanted with that firewall.
So what it comes down to is I plan to configure Ubuntu Server 10.10 with iptables and use the UFW program to design the rules for the firewall. This will serve as a gateway for the network, and in theory I can use the Bridged network in VMware instead of using the VMNetx virtual network adaptors. Obviously firewalls operate a lot more efficiently when mapping virtual adaptors to physical NIC cards, but as I don’t have a spare server lying around with 2 NICs I have to resort to using VMware on a laptop. ** Mental note to self – buy a cheap server in Vegas next year **
I have had success running Check Point firewalls in VMware to demo Proofs of Concept in my job, and since 2008 I have really appreciated the ease of setting up Check Point firewalls. They really have nailed the management interface. OK, I am biased, but I have used Juniper and Cisco PIX firewalls in the past and their interfaces were not intuitive like the Check Point SmartDashboard interface. The only problem is you only get a 15-day eval license with Check Point products, and in the real world that is not long enough while you are developing a POC for a client. I am currently running a project with Check Point and the SSL VPN mobile access client for R71.10, which will allow the client to connect to the network via iPads. Pretty cool, eh?