As you can see, you are attached via VPN to the network 10.175.34.0/24, but there are also three other networks. In each network, there is a web server (you can access it by browsing to its IP address with your web browser) with the following IP addresses: 172.16.88.81, 192.168.241.12 and 192.168.222.199.
Goal
The goal of the lab is to configure your VPN lab environment in order to reach all the hosts in the networks!
Tools
The best tool is, as usual, your brain. Then you may need:
OpenVPN client
Web browser
Steps
Check your current network configuration
Before connecting to the lab, check your current routes.
There are two Web Servers at the following addresses: 172.16.88.81 and 192.168.241.12. Are you able to navigate them once you are connected to the lab?
Add a route manually
We know that there is another server at the address 192.168.222.199. Right now, we do not have any route set on our machine and we are not able to reach it. Try adding the correct route to that network and see if you can reach it.
Solutions
After connecting to the lab, check whether we are connected to the network:
┌──(kali㉿kali)-[~/Desktop]
└─$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:a6:1f:86 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.8/24 brd 192.168.101.255 scope global dynamic noprefixroute eth0
valid_lft 85879sec preferred_lft 85879sec
inet6 fe80::a00:27ff:fea6:1f86/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:bb:c3:4d:50 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
4: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 0e:d3:1e:2c:9e:16 brd ff:ff:ff:ff:ff:ff
inet 10.175.34.100/24 scope global tap0
valid_lft forever preferred_lft forever
inet6 fe80::cd3:1eff:fe2c:9e16/64 scope link
valid_lft forever preferred_lft forever
We can see that we are successfully connected to the network via tap0.
Scanning the Network
Here I'll perform a ping sweep to find the devices that are currently on the network.
$ fping -a -g 10.175.34.100/24 2>/dev/null
10.175.34.1
10.175.34.100
Here we see 2 hosts on the network: 10.175.34.1 and 10.175.34.100.
We will now try to reach the servers.
Open the servers 172.16.88.81 and 192.168.222.199.
Both sites are reachable.
Now I'll check the routes for the secret server at 192.168.222.199.
┌──(kali㉿kali)-[~/Desktop]
└─$ ip route
default via 192.168.101.1 dev eth0 proto dhcp metric 100
10.175.34.0/24 dev tap0 proto kernel scope link src 10.175.34.100
172.16.88.0/24 via 10.175.34.1 dev tap0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.101.0/24 dev eth0 proto kernel scope link src 192.168.101.8 metric 100
192.168.241.0/24 via 10.175.34.1 dev tap0
As you can see, there is no route to 192.168.222.199.
We will go ahead and add a new route manually.
┌──(kali㉿kali)-[~/Desktop]
└─$ sudo ip route add 192.168.222.0/24 via 10.175.34.1
[sudo] password for kali:
┌──(kali㉿kali)-[~/Desktop]
└─$ ip route
default via 192.168.101.1 dev eth0 proto dhcp metric 100
10.175.34.0/24 dev tap0 proto kernel scope link src 10.175.34.100
172.16.88.0/24 via 10.175.34.1 dev tap0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.101.0/24 dev eth0 proto kernel scope link src 192.168.101.8 metric 100
192.168.222.0/24 via 10.175.34.1 dev tap0
192.168.241.0/24 via 10.175.34.1 dev tap0
┌──(kali㉿kali)-[~/Desktop]
└─$
Our route to the subnet 192.168.222.0 is now added successfully.
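To see why the manual route matters, the following added example (not part of the original lab material) runs a longest-prefix-match lookup over the route table shown above, before and after the new route. It is a simplification that ignores metrics and link state, and the function names are hypothetical.

```python
import ipaddress

# Route table copied from the `ip route` output above (before the manual route).
ROUTES_BEFORE = """\
default via 192.168.101.1 dev eth0 proto dhcp metric 100
10.175.34.0/24 dev tap0 proto kernel scope link src 10.175.34.100
172.16.88.0/24 via 10.175.34.1 dev tap0
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.101.0/24 dev eth0 proto kernel scope link src 192.168.101.8 metric 100
192.168.241.0/24 via 10.175.34.1 dev tap0
"""
# The line that `sudo ip route add 192.168.222.0/24 via 10.175.34.1` produces.
ADDED_ROUTE = "192.168.222.0/24 via 10.175.34.1 dev tap0\n"

def parse_routes(text):
    """Parse `ip route` lines into (network, gateway, device) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(prefix, strict=False)
        # Keyword/value pairs follow the prefix; pick out "via" and "dev".
        gw = fields[fields.index("via") + 1] if "via" in fields else None
        dev = fields[fields.index("dev") + 1] if "dev" in fields else None
        routes.append((net, gw, dev))
    return routes

def lookup(routes, dest):
    """Return the most specific (longest-prefix) route for dest, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def report(routes, dest):
    match = lookup(routes, dest)
    if match is None:
        return f"{dest} -> unreachable (no matching route)"
    net, gw, dev = match
    return f"{dest} -> {net} via {gw or 'on-link'} dev {dev}"

if __name__ == "__main__":
    before = parse_routes(ROUTES_BEFORE)
    after = parse_routes(ROUTES_BEFORE + ADDED_ROUTE)
    for target in ("172.16.88.81", "192.168.241.12", "192.168.222.199"):
        print("before:", report(before, target))
        print("after: ", report(after, target))
```

Before the route is added, 192.168.222.199 only matches the default route, so packets leave through eth0 towards the home gateway instead of entering the VPN on tap0.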
Let's try to reach the web server now.
I did another ping sweep for the subnet 192.168.222.0