Hey everyone!
My company is currently working on a CTF platform. In case you did not know, a CTF platform is a place where you can practice your ethical hacking skills in a safe, rewarding and legal way. An example of this would be https://tryhackme.com or https://hackthebox.com
In order to access the boxes, you would need to do that through a VPN because we can not have the boxes publicly available for obvious reasons.
Note: These are all VIRTUAL machines, nothing is physical except for the big server running Proxmox inside my house.
Definitions:
Clients - anyone that is a registered user that is trying to access a machine on our local network
Box - a virtual machine that will be intentionally vulnerable to cyber threats in order for the client to test out his/her skills.
Here is what our network needs to consist of:
Info: We are running the VMs off of Proxmox
Info: The LOCAL range is 192.168.0.0/24
A range for the users trying to access the boxes: 10.8.0.0/22
A range for the actual boxes to allow the clients to access them: 10.9.0.0/22
- Clients cannot talk to other clients (to prevent a free-for-all-hack-anyone-on-the-network event)
- Boxes cannot talk to the outside internet (to prevent malware infections from script kiddies)
- Boxes can talk to other boxes (would be nice for certain types of practice)
- Boxes and clients CANNOT talk to the LOCAL range
I am looking for some guidance on how I could go about this on Proxmox or OpenVPN. Our current setup is running a VM inside of Proxmox dedicated to the OpenVPN service, but we are stuck at that point as far as the ranges, blocking access, etc etc.
If you need any more information, please feel free to reply and I will answer ASAP! Also, if there is something that we could improve or change in our setup also let me know!
Thank you for your help!