Differences

This shows you the differences between two versions of the page.

--- en:veos:installation [2024/06/11 08:54] – elena.krasnobryzh
+++ en:veos:installation [2025/10/31 09:09] (current) – elena.krasnobryzh
@@ Line 4: / Line 4: @@
 <note tip>Before rack-mounting the server, make sure it meets **necessary requirements**.
-  * [[en:dpi:dpi_brief:dpi_requirements:start|SSG requirements]]
+  * [[en:dpi:dpi_brief:dpi_requirements|SSG requirements]]
-  * [[en:dpi:dpi_components:dpiui:install_and_update:hardware_recommendations:start|GUI requirements]]
+  * [[en:dpi:dpi_components:dpiui:hardware_recommendations|GUI requirements]]
-  * [[en:dpi:dpi_components:qoestor:install_and_update:hardware_recommendations:start|QoE requirements]]
+  * [[en:dpi:qoe_analytics:implementation_administration:requirements|QoE requirements]]
-:!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info:start|VAS Experts technical support]] to promptly resolve the issue.</note>
+:!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info|VAS Experts technical support]] to promptly resolve the issue.</note>
 ===== ISO Links =====
-  - [[https://repo.vasexperts.com/veos/8.7/isos/x86_64/VEOS-8.7-x86_64-Minimal.iso|VEOS 8.7 Sakhalin]] ([[https://repo.vasexperts.com/veos/8.7/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation.
+  * [[https://repo.vasexperts.com/veos/8.8/isos/x86_64/VEOS-8.8-x86_64-Minimal.iso|VEOS 8.8 Kildin]] ([[https://repo.vasexperts.com/veos/8.8/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation
 [[en:veos:installation:archived_versions]]
@@ Line 107: / Line 107: @@
   - Save the password for **vasexpertsmnt**.
   - Set permission for users of the wheel group to use all commands on behalf of all users, for this you need to add to ///etc/sudoers// the line: <code>% wheel ALL=(ALL) NOPASSWD: ALL</code>
-  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code> 45.151.108.0/22, 94.140.198.64/27, 78.140.234.98, 193.218.143.187, 93.100.47.212, 93.100.73.160, 77.247. 170.134, 91.197.172.2, 46.243.181.242, 93.159.236.11 </code>
+  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code>45.151.108.0/23, 94.140.198.64/27, 193.218.143.187, 93.100.73.160, 78.140.234.98, 93.159.236.11, 46.243.181.35, 46.243.181.242</code>
 <code>
-iptables -A INPUT -m conntrack --ctstate RELATED, ESTABLISHED -j ACCEPT
+<code>
-iptables -A INPUT -p tcp -s 45.151.108.0/22 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 45.151.108.0/23 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.100.47.212 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 77.247.170.134 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 91.197.172.2 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 46.243.181.35 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT
-iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT
+	iptables -A INPUT -p tcp --dport 22 -j DROP
-iptables -A INPUT -p tcp --dport 22 -j DROP
+	service iptables save
-service iptables save
 </code>
 If you are using firewalld:
 <code>
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "45.151.108.0/22" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="45.151.108.0/23" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "94.140.198.64/27" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="94.140.198.64/27" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "78.140.234.98" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="193.218.143.187" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "193.218.143.187" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.100.73.160" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.47.212" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="78.140.234.98" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.73.160" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.159.236.11" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "77.247.170.134" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.35" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "91.197.172.2" service name = "ssh" accept'
+	firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.242" service name="ssh" accept'
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "46.243.181.242" service name = "ssh" accept'
+	firewall-cmd --zone=public --remove-service=ssh --permanent
-firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.159.236.11" service name = "ssh" accept'
+	firewall-cmd --reload
-firewall-cmd --reload
-firewall-cmd --zone = public --remove-service = ssh --permanent
 </code>
 **!Save your settings as the server will be rebooted during installation!** \\
 \\
-After making sure that remote access via SSH is provided, send to [[en:dpi:techsupport_info:start|technical support of VAS Experts]] (Service Desk) file an application for installation of the Stingray SG DPI license with the password and username for SSH access.
+After making sure that remote access via SSH is provided, send to [[en:dpi:techsupport_info|technical support of VAS Experts]] (Service Desk) file an application for installation of the Stingray SG DPI license with the password and username for SSH access.
@@ Line 150: / Line 147: @@
 <note warning>
-Do not update the operating system kernel until the system is activated [[en:dpi:update:start|updates]],
+Do not update the operating system kernel until the system is activated [[en:dpi:update|updates]],
-this may cause the network card driver to fail (([[en:dpi:update:troubleshooting:start|Troubleshoot]]))
+this may cause the network card driver to fail (([[en:dpi:update:troubleshooting|Troubleshoot]]))
 </note>

Profile

Settings

Differences