Configure Secure RDP using a Windows Bastion Host
For this Challenge Lab you must complete a series of tasks within a limited time period. Instead of following step-by-step instructions, you'll be given a scenario and task - you figure out how to to complete it on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.
To score 100% you must complete all tasks within the time period!
When you take a Challenge Lab, you will not be taught GCP concepts. You'll need to use your advanced Google Compute Engine (GCE) skills to assess how to build the solution to the challenge presented. This lab is only recommended for students who have GCE skills. Are you up for the challenge?
Create a new VPC to host secure production Windows services.
Create a Windows host connected to a subnet in the new VPC with an internal only network interface.
Create a Windows bastion host (jump box) in with an externally accessible network interface.
Configure firewalls rules to enable management of the secure Windows host from the Internet using the bastion host as a jump box.
加入 Qwiklabs 即可阅读本实验的剩余内容…以及更多精彩内容！
- 获取对“Google Cloud Console”的临时访问权限。
- 200 多项实验，从入门级实验到高级实验，应有尽有。
A new non-default VPC has been created
The new VPC contains a new non-default subnet within it
A firewall rule exists that allows TCP port 3389 traffic ( for RDP )
A Windows compute instance called vm-bastionhost exists that has a public ip-address to which the TCP port 3389 firewall rule applies.
A Windows compute instance called vm-securehost exists that does not have a public ip-address
The vm-securehost is running Microsoft IIS web server software.