Tribhuvan University

Himalaya Darshan College

A Final Year Internship

Report on

“Firewall Configuration”

At

Gnest Technology

Submitted to:

Department of Computer Science and Information Technology

For the partial fulfillment of Bachelor’s Degree of computer Science and

Information Technology

Submitted by:

Kanhaiya Shah

TU Roll No: 11536/073

 SUPERVISOR’S RECOMMENDATION
I hereby recommend that this internship report prepared under my supervision by
Kanhaiya Shah entitled “Firewall Configuration” is accepted as fulfilling in partial
requirements for the degree of Bachelor of Science and Information Technology. In
my best knowledge this is an original work in computer science by him.

Date:

…................................................

Gyaneshwar Rajbanshi

Project coordinator

(Internship Supervisor)
 CERTIFICATE OF APPROVAL
The undersigned certify that they have read and recommended to the Department of
Computer Science for acceptance an internship reported entitled “Firewall
Configuration” submitted by Kanhaiya Shah (TU Roll No.: 11536/073) in partial
fulfillment for the degree of Bachelor of Science in Computer Science and
Information Technology.

…............................................

Mr. Gyaneshwar Rajbanshi

Supervisor/Project Coordinator

…..............................................

Mr.

External Examiner

Tribhuvan University

.............................................

Mr. Sumit Babu Shah

Head Department of BSc. CSIT

Himalaya Darshan College

 Internship Completion Letter
We fell content to certify that Mr. Kanhaiya Shah, pursing her Bachelor of Science
in Computer Science and Information Technology (BSc. CSIT) from Himalaya
Darshan College, has successfully completed her internship program as Network and
System Assistant at Gnest Technology of computer Solution from 17 th October
2021 to

We found him extremely inquisitive and hardworking. He was very much interested
to learn the functions of our core division and also willing to put her best effort and
get in-depth of the subject to understand it better. His association with us was very
fruitful and we wish her all the best for her future endeavors.

….......................................

Gyaneshwar Rajbanshi

Senior Network Officer

Gnest Technology of computer solution

Roadses, Biratnagar
 ACKNOWLEDGEMENT
The main purpose of internship program is to provide the practical knowledge in
computer science and information technology related field to the student. I could not
have done this work without the help that I received cheerfully from my college
“HIMALAYA DARSHAN COLLGE”.

Firstly, my special thanks to Mr. Sumit Shah sir (coordinator BSc. CSIT, Himalaya
Darshan College). I am highly indebted to Mr. Gyaneshwar Rajbanshi (Supervisor)
for the patient guidance encouragement and air device during my internship period
and also for age trustworthy help towards making this report the standard as per the
norms and values.

I forfeit my respect to Mr. Gyaneshwar Rajbanshi (Mentor, Gnest technology) under

whom I have learnt a lot of practical knowledge about handling the real project. he
has shown good patience and high level of experience to guide me through the
internship. my gratitude for his trust and generosity good beyond words.

Finally, my thanks and appreciation go to each and every one of my colleagues and
the entire team who always encouraged and supported me. without the priceless
contribution and guidance of all above mentioned, really, I could not have learned
as many things I have learned in my intern period.

Kanhaiya Shah (11536/073)

 ABSTRACT
This internship conducted for the partial fulfillment of the Bachelor of Science in
computer science and information (BSc. CS CSIT) degree awarded by Tribhuvan
university (TU). As for the partial fulfillment, I was interned as a network assistant
in an organization Gnest technology. The main focus of the organization is to solve
Any network issues. I got a chance to learn about configuring routers, configuring
firewall, troubleshooting client's problem and provide them a solution. I also went
to field visit to solve various network issues. in the later portion of my internship, I
was also involved in research and development with particular topic. Participating
in an internship allowed me to gain a better perspective by applying the principles
and theories we have developed in the classroom. this internship helped me a lot as
I am confident that I could efficiently Work in networking industry with my full
dedication.
 TABLE OF CONTENT

ACKNOWLEDGEMENT.....................................................................v

ABSTRACT............................................................................................v

LIST OF FIGURES..............................................................................ix

LIST OF TABLES.................................................................................x

LIST OF ABBREVIATIONS..............................................................xi

CHAPTER 1...........................................................................................1

INTRODUCTION..................................................................................1

1.1 Introduction to Internship...................................................................................1

1.2 Introduction to Project........................................................................................1

1.3 Objectives............................................................................................................2
1.4 Brief Introduction of industry ............................................................................2

1.4.1 Introduction to organization........................................................................2

1.4.2 Organization rationale.................................................................................3

1.4.3 Motivation...................................................................................................3

1.5 Organizational hierarchy.…...............................................................................4

1.6 Responsibilities assigned....................................................................................4

1.7 Duration..............................................................................................................5

1.8 Problem statement..............................................................................................5

CHAPTER2.............................................................................................6
RESEARCH METHODOLOGY.........................................................6

2.1 Study of existing system.....................................................................................6

2.1.1 Cisco ASA 5500-X Series...........................................................................6

2.1.2 Palo Alto......................................................................................................6

CHAPTER 3...........................................................................................8

SYSTEM ANALYSIS............................................................................8

3.1 System design.................................................................................................8

3.1.1 Firewall....................................................................................................8

3.1.2 Propose of the system..............................................................................8

3.2 System requirements.......................................................................................9

3.2.1 Functional requirements..........................................................................9

3.2.2 Nonfunctional requirements …...............................................................9

3.3 Feasibility Study.............................................................................................9

3.3.1 technical feasibility...................................................................................9

3.3.2 economic feasibility..................................................................................9

3.3.3 operational feasibility.............................................................................10

3.3.4 schedule feasibility.................................................................................10

CHAPTER 4.........................................................................................11

PROJECT IMPLEMENTATION......................................................11
4.1 Tool used..........................................................................................................11

4.2 Implementation................................................................................................11
4.2.1 Functionalities...............................................................................................11

4.2.2 Security.......................................................................................................12

4.2.3 System development...................................................................................13

4.3 Implementation of project step by step.............................................................13

CHAPTER 5..........................................................................................24
TESTING...............................................................................................24
5.1 Testing..............................................................................................................24

5.1.1 Unit testing with test cases.........................................................................24

CHAPTER 6.........................................................................................27

CONCLUSION....................................................................................27

6.1 Conclusion........................................................................................................27

6.2 Lesson learnt.....................................................................................................27

6.3 Recommendations............................................................................................27

REFERENCES......................................................................................29
 LIST OF FIGURES
figure 1.1: organizational hierarchy..........................................................................4

figure 3.1: firewall network design...........................................................................8

Figure 4.1: log in for interface configuration.........................................................14

Figure 4.2: dashboard of Fortinet...........................................................................14

Figure 4.3: assigning IP address.............................................................................15

Figure 4.4: assigning internal network …..............................................................15

Figure 4.5: setting IP address.................................................................................16

Figure 4.6: routing configuration............................................................................16

Figure 4.7: assigning IP address.............................................................................17

Figure 4.8: IPV4 configuration...............................................................................17

Figure 4.9: turning on NAT....................................................................................18

Figure 4.10: turning on logging option...................................................................18

Figure 4.11: creation of new user...........................................................................19

Figure 4.12: assigning password............................................................................19

Figure 4.13: Addition of created users to group....................................................20

Figure 4.14: assigning Internet in user group.........................................................20

Figure 4.15: NTML authentication.........................................................................21

Figure 4.16: ready for login....................................................................................21

Figure 4.17: enable URL filter...............................................................................22

Figure 4.18: enlisting URL to block.......................................................................22

Figure 4.19: turning on web filter...........................................................................23

Figure 5.1: authentication field...............................................................................25

Figure 5.2: state of hotspot working.......................................................................26

LIST OF TABLES
Table 1: duration of internship.................................................................................5

Table 2: detail of scheduling..................................................................................10

Table 3: test suit plan..............................................................................................25

Table 4: unit test case for login..............................................................................26

LIST OF ABBREVIATION
BSc. CSIT Bachelor of Science in Computer Science and Information
Technology

ASA Adaptive Security Appliance

CAPWAP Control and Provisioning of Wireless Access Point

IT Information Technology

DNS Domain Name Server

DMZ Demilitarized Zone

DOS Disk Operating System

FMG- Access Forti Manager access

FTP File Transfer Protocol

HTTP Hypertext Transfer Protocol

IDS Intrusion Detection System

IP Internet Protocol

IPV4 Internet Protocol Version 4

NFV Network Functions Virtualization

URL Uniform Resource Locator

VPN Virtual Private Network

WLAN Wireless Local Area Network

 CHAPTER 1

1. INTRODUCTION

1.1 Introduction to Internship

The internship program provides student working towards certificates and

associated their academic knowledge into real field. in the internship period
company checks the strengths and weakness of the trainee. Internship are
individualized and tailored to the needs and interest of each student in the program.

Internship is considered as the practical implementation of the theory education that

provides a chance to use the skills learned in the classroom in a real-world setting.
The internship is done as a partial fulfillment of requirement of the bachelor’s degree
in computer science and information Technology under TU.

This internship as per the requirement of the TU for the BSc. CSIT has enhanced the
skill and enthusiasms of the students are they get knowledge of the company
environments and to learn different aspects of working mechanism that prevail in
the organization internship benefits include:

• Developing personally and professionally while gaining confidence and real-

world experience
• Meeting and networking with practitioners in one’s area of interest
• Mentoring and performance feedback from the site supervisor.
• Earning academic credit while getting paid.

1.2 Introduction to Project

I have done my internship in networking as a network assistant is an IT expert who

manages an organization's network. The network assistant must possess a high level
of technology knowledge and is most commonly the highest level of technical staff
within a given organization. A network technically takes part in the management and
maintenance of desktop computers, servers, printers, switches, routers, firewalls,
software implementation, security updates, and a wide range of additional
technologies associated with both software and hardware within the network.

I worked as a junior level network assistant and I chose the firewall configuration as
a specific project for the finals of 8th semester as required by Tribhuvan University.
This project is intended to configure the firewall and provide network security to any
organization. A firewall is a system designed to prevent unauthorized access to or
from a private network. A firewall is a system designed to prevent unauthorized
access to or from a private network. A firewall configuration is a process in which
we can add or remove filters based on several conditions. After configuring a
firewall, it typically establishes a barrier between a trusted internal network and
untrusted external network, such as the internet. The process of correctly configuring
a firewall is complicated and prone to error, and it worsen as the network complexity
grows. A poorly configured firewall may result in major security threats, in the case
of a network firewall, an organization’s security could be endangered, and in the
case of a personal firewall, an individual computer’s security is threatened. Firewalls
are an essential part of your network security, and a misconfigured firewall can
damage organization and give easy access to an attacker. Fortinet firewall is used
for configuration of firewall in this project.

1.3 Objectives

The objectives of internship were to theory-based knowledge gained throughout

BSc. CSIT course and to gain knowledge and experience in IT industry. the
following is a list of some objectives which the internship might fulfill for both the
students and the organization:
 • To implement networking in corporate organization
• To provide students The opportunity to relate theory to practice
• To learn and practice the general configuration off router using different
routing strategies
• Troubleshooting network related problems
• to configure IP addresses and solve related issues
• to implement the concept of DHCP and user management.

1.4 Brief Introduction of Industry

1.4.1 Introduction to Organization

In view of the rapid changes in the information technology (IT) industry Gnest
technology offers strategic solution especially design to meet the client’s needs
across a wide range of sector government, semi government, financial institutions,
nonprofit business, and others. in case of Gnest technology the structure of the
organization is more like a boundary-less organization. the members in this company
believe more into eliminating vertical and horizontal boundaries break down
external barriers between the companies and its customers and suppliers.

Gnest technology and computer solution was established when well experienced and
specialist people together came up with the idea to run their own business. since the
existence of organizations have not been so long, the head of the management didn't
appear clear. Also, at time intern joined the company, intern believes partner is liable
to their specialized department and every work here is done by the agreement of all
the partners.
1.4.2 Organization Rationale

• Vision

To connect everyone, anywhere, all the time

• Customer-focus

We will go out of our way and walk that extra mile to WOW our customers

• Honesty

We are honest and transparent in our dealings.

• Efficiency

We strive to maximize efficiency in everything we do. We are frugal and seek value
in our spending

• Trust and Respect

We maintain a healthy work environment based on mutual trust and respect, that
builds strong teams and fosters long term relationships.

1.4.3 Motivation

The world has enhanced in technology and the new technologies are invented day
by day. Networking is the important area of technology. Networking deals with
maintenance and upgrading of the software and the problem arise in the system. I
always have curiosity about how the network system worked, how the problems
occur and what may be the possible solution? While using my own laptop and
internet service I have faced so many problems and I always want to know the cause
and solve the solution on my own. In future I want to make my carrier in the field of
network that’s why I choose the field of networking for the internship.

After studying three and half years of BSc. CSIT course, lots of theoretical
knowledge has acquired. According to the requirement of the course, at final year
we have to choose one of the organizations determined by college department for
internship. Simply it is the opportunity to gain the practical knowledge and
experience in real life working environment of an organization. As per my interest
in networking I have selected IT Security College of Computer as it is well renowned
organization that provide the network support to other private and government
organization.

1.5 Organizational Hierarchy

Figure 1.1: Organizational hierarchy

1.6 Responsibilities Assigned

I have done my internship add a network assistant. A network assistant is an IT

expert who managed an organizations network. the network assistant must possess
a high level of technological knowledge and is most commonly the highest level of
technical staff within a given organization. And network assistant is responsible for
installing maintaining and upgrading any software or hardware required to
efficiently run a computer network. The three months internship also involved
various activities and tasks as per the requirement of both the organization and the
project. During the internship, I learned about IP addresses various devices
configuration. WLAN, LAN, Beside the study of these, I went to field visit for
various network issues.

1.7 Duration

The detail about duration of internship of student is given below:

Organization Gtech technology Pvt. Ltd.

address Roadses, Biratnagar
position (Intern) Network Assistant
mentor Mr. Gyaneshwar Rajbanshi
start date
end date
working hour 8 hour per day
working days 6 days per week

1.8 Problem statement

Network security is a serious concern these days. Keeping create a reliable security
and trusted security firewall is required. configuring firewall is not an easy task.

it consists of various features so it is time consuming. it consists of abundant

features and also required knowledge about its terms and features Which makes it
difficult to configure. any organizations first priority is security. a well configured
firewall can solve different issues related to security.
by contributing a firewall, we provide Web filter which include blocking URL,
user management which restrict on authorized user. It is network issues like IP
conflict power cable connection new cable connection device configuration were
performed in the organization.
 CHAPTER 2

RESEARCH METHODOLOGY

Study of existing system

2.1.1 Cisco ASA 5500-X Series

Cisco offers the industry’s first threat-focused next-generation firewall: Cisco ASA
with fire POWER services available on the cisco ASA 5500-X series and ASA 5585-
X Adaptive Security Appliances. With this solution user get proven cisco ASA
firewall protection, combined with industry-leading source fire threat and advanced
malware protection in a single device. It protects business with superior visibility
and highly effective, threat-focused defense across the entire attack continuum. It
provides comprehensive visibility, reduced cost and complexity, and real-time
protection from malware and emerging threats.

These firewalls help you to balanced security effectiveness with productivity. This
solution offers the combination of the industry’s most deployed stateful firewall with
a comprehensive range of next-generation network security services. It includes
granular visibility and control, robust web security onsite or in the cloud, industry-
leading intrusion prevention system (IPS) to protect against known threats,
comprehensive protection from threats and advanced malware, world’s most widely
deployed ASA firewall with highly secure Cisco any connect remote access.

All Cisco ASA 5500-X Series Next-Generation firewalls are powered by Cisco
Adaptive Security Appliance (ASA) software, with enterprise-class stateful
inspection and next-generation firewall capabilities integration with other essential
network security technologies. It has high availability for high-resiliency
applications. (CISCI,2007)

Palo Alto

Palo Alto Networks firewalls include important security, integration, networking,

and management features. The PA-220 desktop form factors bring the same PAN-
OS features that protect your largest data centers-including high availability with
active/active and active/passive modes-to small organizations and remote or branch
offices. It provides interactive visibility and control of applications, users and
content at throughput speeds up to 500 Mbps. The PA-220 identifies any application,
regardless of port, encryption or evasive technique employed, and uses the
application-not the port-as the basis for all your safe enablement policy decisions:
allow, deny, schedule, inspect and apply traffic-shaping. It also categorizes
unidentified applications for policy control, threat forensics. It limits the
unauthorized transfer of files and sensitive data to safely enable non-work-related
web surfing. It also identifies unknown malware, analyzes it based on hundreds of
malicious behaviors, and then automatically creates and delivers protection.
(Alto,2005)
 CHAPTER 3

SYSTEM ANALYSIS

3.1 System Design

3.1.1 Firewall

A firewall is a network system that monitors and controls incoming and outgoing
network traffic based on predetermined security rules. A firewall typically
establishes a barrier between our trusted internal network an untrusted external
network such as the Internet. Firewall are often categorized as either network
firewalls or host-based firewalls. Network firewalls filter traffic between two or
more networks and run-on networks hardware. host based firewalls run on host
computers and control network traffic in and out of those machines.

Figure 3.1: firewall network design

3.1.2 Purpose of the System

The purpose of this age to provide user security from any threats. It does not allow
unauthorized users to access the Internet. user management can be done which
helps user to give access to the valid users only. Using firewall is advantageous, if
any users want to certain website which are not suitable for the organization, they
can do so by using firewall. By filtering the URL address is accessible to the user,
you are adding security to the computer system. in an organization, URL blocking
helps in improving the productivity. (Wickert,2015)

3.2 System Requirements

some requirements are the configuration that our system must have in order for a
hardware/software application to run smoothly and efficiently. failure to meet these
requirements can result in installation/performance problem.

restructuring system requirement concentrate on the definition, the structure and

relationships within data. Regrettably speaks of data capture during data modeling
are crucial in the design of databases, programs, computer screen and printed
reports. this information is essential in ensuring data integrity in an information
system.

Functional Requirements

Security: Firewall provide security so security is almost required

Firewall: It requires a firewall device.

Hardware devices: Laptops or mobile

Nonfunctional requirements

Availability: The first one should have uptime of 99% of the time
Usability: It provides positive user experience.

3.3 Feasibility Study

This ability is carried out to determine potential positive and negative outcomes of
a project before investing or considerable amount of time and money into it. insert
a feasibility analysis evaluates the project potential for success. following
feasibility analysis was performed prior to working on the project.

3.3.1 Technical Feasibility

This project is technically feasible due to its powerful devices and experienced
people with technical knowledge are preferably good. it provides security in high
level.

3.3.2 Economics Feasibility

Firewall does not have affordable price thus it is not economically feasible.

3.3.3 Operational Feasibility

this test of visibility checks how well the firewall meets the user requirement. users
use firewall for the network security. A well configured firewall provides network
security in an organization. the technical is stop having sufficient knowledge of the
tools being used and the users need just to know how to access and run the device.
hence it is concluded that the project is operationally feasible.

3.3.4 Schedule Feasibility

Gnatt chart display the overall timeline of the proposed project. It presents a
sequential breakdown of individual tasks showing the relationship between task
and the time taken for each task.
 CHAPTER 4

PROJECT IMPLEMENTATION

4.1 Tool Used

Firewall device, laptop mobile and Ethernet cable

4.2 Implementation

4.2.1 Functionalities

What actually a security firewall does: it provides a barrier to control or network

traffic both into and out of an organizations Internet connected network, Or
perhaps between different segment of an internal network. Generally, the firewall
has two network interfaces: one for the external side of the network, one for the
internal side. Its purpose is to control that traffic is allowed to traverse from one
side to the other. companies set up their firewalls to allow incoming connection to
put 80., which is the standard part of usage by web servers. this allows visitors to
get at a corporate website. company employees who have proper credentials, but
add the username and password, would be allowed access by a source connection,
typically a virtual private network. traffic from the trusted inside of the network
would be allowed to traverse the firewall and connected to the Internet, allowing
users to employ services such as email and FTP. when configured correctly,
firewall also provides protection against the threat including Daniel of service
(DOS) attacks. do US attacks occur when an intruder tries to barrage a corporate
website with a flood of traffic, so much so that it brings the web servers down and
potentially allows the intruder to break into it. from there, but intruder may be able
to access other network resources. more complex firewall support “stateful
inspection” technique, where the firewall looks at patterns in traffic follows to
identify animalic that suggest some form of attack is underway, such as DOS
attacks in practice most companies deploy two firewalls to create a Demilitarized
Zone. one firewall con connects to the Internet while the other connects to the
internal network. in between the two, where companies put their public facing web
servers. the idea is that even if an intruder succeeds in hacking into the web server,
such as via a DOS attack, the second firewall will prevent him from accessing the
private corporate network. in a similar fashion companies can configure multiple
firewalls inside their corporate networks to essentially divide the network into
multiple segments. that helps contain the damage should some form of warm or
other malware be unleashed in any given segment.

4.2.2 Security

In the world of computer firewall protection, a firewall refers to a network device

which blocks certain kind of network traffic forming or barriers between our
trusted and untrusted network.

• Packet filtering firewall

This type of firewall has a list of firewall security rules which can block traffic
based on IP protocol, IP address and port number. Under this firewall management
program, all web traffic will be allowed, including web-based attacks. In this
situation, you need to have interest on prevention in addition to firewall security in
order to differentiate between good web and bad web traffic. And it is not problem
with packet filtering firewalls which are not stateful is that the firewall can't tell the
difference between a legitimate return packet and a packet which pretend to be
from an established connection which means your firewall management system
configuration will have to allow both kinds of packets into the network.

• Stateful firewall
This is similar to a packet filtering firewall, but it is more intelligent about keeping
track of active connections, so you can define power management rules such as
“Only allow there gets into the networks that are part of an already established
outbound connections.” You have solved the established connection issue
described above, but you still can't tell the difference between “good” and “bad”
web traffic. you need intrusion prevention to detect and block all attacks.

• Deep packet inspections firewall

an application firewall actually examines the data in the packet, and can therefore
look at application layer attacks. this kind of firewall security is similar to interest
and prevention technology. there are three caveats, however. first the definition of
“deep” extends to some particular depth in the packet and does not necessarily
examine the entire packet. This can result in missing some kind of attacks. second
depending on the hardware, a firewall may not have adequate processing power to
handle the deep packet inspection for your network. next be sure to ask questions
about how much bandwidth it can handle while performing such inspection. and
finally, embedded firewall management technology may not have the flexibility to
handle all attacks.

• Application proxy firewall

An application proxy at an intermediary for certain application traffic (but add

HTTP, or web traffic), Intercepting all the quests and validating them before
passing them along. an application proxy firewall is similar to certain kind of
intrusion prevention. The implementation of a full application proxy is, however,
quite difficult, and each proxy can only handle one protocol (e.g., web or incoming
email). Because the implementation of the protocol being examined often do not
follow a protocol correctly or because implementer add their own extension to a
protocol this can desert in the proxy blocking bullet traffic.

4.2.3 System deployment

A firewall controls access between the external and internal networks. to prevent
unauthorized access from an external network, it blocks communication other than
that which is permitted for predetermined client or communication, to use a
firewall it is therefore necessary to class clarify and specify the port or IP addresses
for which communication is permitted. and intrusion detection system (IDS)
Monitors the communication line and huge communication patterns to determine
whether access is authorized.

deploying a firewall and intrusion detection system at appropriate point and

configuring them helps to protect the system from the following security threats:

• unauthorized third-party intrusion into the system from the outside.

• leakage of data handled by application to a third party.

4.3 Implementation of project is step by step

This part includes the field of system testing which each carried out with device of
Fortinet security system. the union powder the following snapshots were taken at the
period of demonstration. the network will be configured as below. you may need to
adjust the IP addresses to suit needs.

A. Configuring a firewall
1. interface configures
• log in
 Figure 4.1: Login for Interface Configuration

• Go to network Party
• click on interfaces
• create a new ‘WAN 1’

Figure 4.2: Dashboard of Fortinet

• Go to the address module and click on manual

• assigned IP/ network mask 192.168.100.150/255.255.255.0’.
 • Tick on ‘HTTPS’, ‘PING’, ‘HTTP’, ‘FMG- access’,’ CAPWAP’ protocol

Figure 4.3: Assigning IP address

For assigning internal network

• Go to addressing module and click on manual

• Assign '192.168.20.1/255.255.255.0’
• Tike on same edge ‘interface IP’ on default gateway
• Tick on ‘same as system DNS’ on DNS server

Figure 4.4: Assigning Internal network

• Change IP address
 Figure 4.5: Setting up IP Address

2. Routes configured

• go to network
• click on routing

Figure 4.6: Routing Configuration

• Create a new
• Destination: 0.0.0.0/0.0.0.0
• Gateway:192.168.100.1
 • Interface: Wan 1
• administration distance: 10

Figure 4.7: Assinging IP Address

3. IPV4 configure

• go to policy
• go to IPV 4
• create a new incoming interface ’Lan’(internal) and outgoing interface ‘wan
1’

Figure 4.8: IPV4 Configuration

• Assign 'all’ for source address, destination address and service
• NAT should be turned on.

Figure 4.9: Turning On NAT

Figure 4.10: Turning on Logging options

B. User Creation
1. Creating new user
• Go to user
• click on user group
• create a new user naming ‘Internet’, member’s s1 and s2.
• Add
 Figure 4.11: Creation of New User

• Go to user
• Create new user name ‘s1’ and ‘s2’
• Assigning a password

Figure 4.12: Assigning Password

• Click on add this user to group

• Click on Internet
 Figure 4.13: Addition of created user to group

4. Creating a Policy

• Go to policy
• click on add assign ‘Internet’ in user group ‘any’ in service, ‘always’ on
schedule
• Click on OK

Figure 4.14: Assigning Internet in user group

• Tick on NTML authentication
• click on OK

Figure 4.15 NTML Authentication

C. Web Filter
1. Blocking our URL
• go to security profile
• click on web filter
• enable URL filter
• in list the URL you want to block: * facebook.com, Type: Wildcard Action:
Block and tick enable on status.
 Figure 4.16: Enable URL filter

Figure 4.17: Enlisting URL to Block

2. Creating policy
• go to policy and object
• click on IPV4
• turn on ‘web filter’ on security profile
Figure 4.18: Turning on Web Filter
 CHAPTER 5

TESTING

5.1 Testing

Testing is the process of determining whether the system works effectively and
efficiently. Testing does not only include debugging. It also takes for quality
assurance validation and verification. reliability and availability estimation.
Testing can be done in various levels. Here in my project testing is done based on
authentication an authorization to both user and administrator.

Test suite plan Test Case ID Description

Users 1 Log In

Administrator 2 Authentication and

Authorization

Table 3: Test Suit Plan

5.1.1 Unique Testing with Test Cases

The unit testing part of testing methodology is the testing of individual software
modules or component that make up a system project.

SN Test Case Test Input test Expected Actual Remarks

ID Description data result Result
1 1 Enter S2 Login Logged Pass
valid ****** successful in
username
 and
password

1 2 Enter S Show Login Failed

valid ****** error successf
username message ul
and
password

Table 4: Unit Case for Login

Here,

Figure
5.1:

Authentication failed
As the username is listed as S2 here we typed s so the authentication failed but
when we type S2 we could get access to Internet.

After the successful login with password anality user input the firewall is start
working. This can be assured by ping in the command prompt with its public IP
address. this one in figure below:

Figure 5.2: State of hotspot working

 CHAPTER 6

CONCLUSION

Conclusion

the internship. Was a wonderful experience which provided the practical

experience and implementation of the theoretical knowledge that where again
during the class time and also had an opportunity to develop the professional skills
and self-confidence on the related interest field. I had the knowledge on
configuration of firewall.

during the internship, I had the opportunity of gaining The Walking mechanism of
the Internet and taught to manage the time and planning while working in a team.
the main achievement from the internship. Is to confidence inside before starting
the profession on related field. along with technical gain, I also had the knowledge
on handling the customers trouble in a systematic and easy way. besides that, I
learned about the file setting, troubleshoot the problem, and solved the IP problem.
this internship was a confident boosting factor for my future.

6.2 Lesson learnt

The internship program was very fruitful as it provided the opportunity to improve
their skills and knowledge and also helped in working with a large group of people
in a team. talking about the technical gain, the knowledge on firewall was
obtained.
during the internship., I learned to configure the various routers making them
primary and secondary use. I got an opportunity to maintain and implement
networking devices. I learned to work under extreme pressure and time constraints,
weight helped in building self-confident. finally, my internship helped me to gain
knowledge on firewall configuration and network security, wireless network, file
sharing, troubleshoot problem and also is provided me some useful knowledge
about IP.

6.3 Recommendation

name of the recommendations to the organizations are as follows:

• As an intern, I didn't get the access of the organization entire system which
limits the knowledge of the organization as well as technologies mechanism.
thus, should provide some access so that the intern can learn more deeply
about the organization.
• Any organization, usually the service based sued always give first priority to
the customers. organization must realize that the holding existing customer
is more important and fruitful than planning for new customers.
• the organization must bring new planning and packages so that the existing
customers are highly benefited and to attract the new customers from the
competitive market.
• the mentors assigned to the intern student must be highly experienced and
knowledgeable on related field.