Differences

This shows you the differences between two versions of the page.

--- en:veos:installation [2024/06/11 08:54] – elena.krasnobryzh
+++ en:veos:installation [2025/01/14 07:33] (current) – [Pre-configuring VEOS] elena.krasnobryzh
@@ Line 4: / Line 4: @@
 <note tip>Before rack-mounting the server, make sure it meets **necessary requirements**.
-  * [[en:dpi:dpi_brief:dpi_requirements:start|SSG requirements]]
+  * [[en:dpi:dpi_brief:dpi_requirements|SSG requirements]]
-  * [[en:dpi:dpi_components:dpiui:install_and_update:hardware_recommendations:start|GUI requirements]]
+  * [[en:dpi:dpi_components:dpiui:install_and_update:hardware_recommendations|GUI requirements]]
-  * [[en:dpi:dpi_components:qoestor:install_and_update:hardware_recommendations:start|QoE requirements]]
+  * [[en:dpi:dpi_components:qoestor:install_and_update:hardware_recommendations|QoE requirements]]
-:!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info:start|VAS Experts technical support]] to promptly resolve the issue.</note>
+:!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info|VAS Experts technical support]] to promptly resolve the issue.</note>
 ===== ISO Links =====
-  - [[https://repo.vasexperts.com/veos/8.7/isos/x86_64/VEOS-8.7-x86_64-Minimal.iso|VEOS 8.7 Sakhalin]] ([[https://repo.vasexperts.com/veos/8.7/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation.
+  * [[https://repo.vasexperts.com/veos/8.8/isos/x86_64/VEOS-8.8-x86_64-Minimal.iso|VEOS 8.8 Kildin]] ([[https://repo.vasexperts.com/veos/8.8/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation
 [[en:veos:installation:archived_versions]]
@@ Line 100: / Line 100: @@
 ===== Pre-configuring VEOS =====
-If you received a preinstalled system from us, please immediately refer to the [[en:dpi:dpi_brief:install_point_ssg:micra_install|Appliance installation instruction]] section.\\
+If you received a preinstalled system from us, please immediately refer to the [[en:dpi:dpi_brief:network_preparation:install_point_ssg:micra_install|Appliance installation instruction]] section.\\
 Otherwise, you need to install the VEOS operating system on your server yourself and give us remote SSH access and root rights to perform the installation and initial configuration of the platform. After the work is completed, the remote access can be closed.
@@ Line 107: / Line 107: @@
   - Save the password for **vasexpertsmnt**.
   - Set permission for users of the wheel group to use all commands on behalf of all users, for this you need to add to ///etc/sudoers// the line: <code>% wheel ALL=(ALL) NOPASSWD: ALL</code>
-  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code> 45.151.108.0/22, 94.140.198.64/27, 78.140.234.98, 193.218.143.187, 93.100.47.212, 93.100.73.160, 77.247. 170.134, 91.197.172.2, 46.243.181.242, 93.159.236.11 </code>
+  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code>45.151.108.0/23, 94.140.198.64/27, 193.218.143.187, 93.100.73.160, 78.140.234.98, 93.159.236.11, 46.243.181.35, 46.243.181.242</code>
 <code>
-iptables -A INPUT -m conntrack --ctstate RELATED, ESTABLISHED -j ACCEPT
+<code>
-iptables -A INPUT -p tcp -s 45.151.108.0/22 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 45.151.108.0/23 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.100.47.212 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 77.247.170.134 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 91.197.172.2 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 46.243.181.35 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp --dport 22 -j DROP
-iptables -A INPUT -p tcp --dport 22 -j DROP
+	service iptables save
-service iptables save
 </code>
 If you are using firewalld:
 <code>
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "45.151.108.0/22" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="45.151.108.0/23" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "94.140.198.64/27" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="94.140.198.64/27" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "78.140.234.98" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="193.218.143.187" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "193.218.143.187" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.100.73.160" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.47.212" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="78.140.234.98" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.73.160" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.159.236.11" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "77.247.170.134" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.35" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "91.197.172.2" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.242" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "46.243.181.242" service name = "ssh" accept'
+	firewall-cmd --zone=public --remove-service=ssh --permanent
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.159.236.11" service name = "ssh" accept'
+	firewall-cmd --reload
-firewall-cmd --reload
-firewall-cmd --zone = public --remove-service = ssh --permanent
 </code>
 **!Save your settings as the server will be rebooted during installation!** \\
 \\
-After making sure that remote access via SSH is provided, send to [[en:dpi:techsupport_info:start|technical support of VAS Experts]] (Service Desk) file an application for installation of the Stingray SG DPI license with the password and username for SSH access.
+After making sure that remote access via SSH is provided, send to [[en:dpi:techsupport_info|technical support of VAS Experts]] (Service Desk) file an application for installation of the Stingray SG DPI license with the password and username for SSH access.
 <note>
-Installation of the Stingray software is carried out by engineers or by yourself according to the instruction: [[en:dpi:dpi_brief:instal_script|Instructions for installing the Stingray software using the script]].
+Installation of the Stingray software is carried out by engineers or by yourself according to the instruction: [[en:dpi:dpi_brief:network_preparation:instal_script|Instructions for installing the Stingray software using the script]].
 </note>
 <note warning>
-Do not update the operating system kernel until the system is activated [[en:dpi:update:start|updates]],
+Do not update the operating system kernel until the system is activated [[en:dpi:update|updates]],
-this may cause the network card driver to fail (([[en:dpi:update:troubleshooting:start|Troubleshoot]]))
+this may cause the network card driver to fail (([[en:dpi:update:troubleshooting|Troubleshoot]]))
 </note>

Profile

Settings

Differences