Installation [Документация VAS Experts]
Документация VAS Experts Документация VAS Experts-mobile
in

Settings

  • Show page
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks
  • Show page
  • Old revisions
  • Export to PDF
  • Fold/unfold all
  • Backlinks

    • Differences

    This shows you the differences between two versions of the page.

    Link to this comparison view

    Both sides previous revisionPrevious revision
    Next revision    		Previous revision
    en:veos:installation [2024/09/26 15:29] – external edit 127.0.0.1en:veos:installation [2025/10/31 09:09] (current) elena.krasnobryzh
    Line 5: Line 5:
      
       * [[en:dpi:dpi_brief:dpi_requirements|SSG requirements]]   * [[en:dpi:dpi_brief:dpi_requirements|SSG requirements]]
    -  * [[en:dpi:dpi_components:dpiui:install_and_update:hardware_recommendations|GUI requirements]] +  * [[en:dpi:dpi_components:dpiui:hardware_recommendations|GUI requirements]] 
    -  * [[en:dpi:dpi_components:qoestor:install_and_update:hardware_recommendations|QoE requirements]]+  * [[en:dpi:qoe_analytics:implementation_administration:requirements|QoE requirements]]
      
     :!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info|VAS Experts technical support]] to promptly resolve the issue.</note> :!: If any discrepancies are found at this stage, contact [[en:dpi:techsupport_info|VAS Experts technical support]] to promptly resolve the issue.</note>
      
     ===== ISO Links ===== ===== ISO Links =====
    -  [[https://repo.vasexperts.com/veos/8.7/isos/x86_64/VEOS-8.7-x86_64-Minimal.iso|VEOS 8.7 Sakhalin]] ([[https://repo.vasexperts.com/veos/8.7/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation.+  [[https://repo.vasexperts.com/veos/8.8/isos/x86_64/VEOS-8.8-x86_64-Minimal.iso|VEOS 8.8 Kildin]] ([[https://repo.vasexperts.com/veos/8.8/isos/x86_64/checksum|SHA-256 checksum]]) for minimal installation
      
     [[en:veos:installation:archived_versions]] [[en:veos:installation:archived_versions]]
    Line 107: Line 107:
       - Save the password for **vasexpertsmnt**.   - Save the password for **vasexpertsmnt**.
       - Set permission for users of the wheel group to use all commands on behalf of all users, for this you need to add to ///etc/sudoers// the line: <code>% wheel ALL=(ALL) NOPASSWD: ALL</code>   - Set permission for users of the wheel group to use all commands on behalf of all users, for this you need to add to ///etc/sudoers// the line: <code>% wheel ALL=(ALL) NOPASSWD: ALL</code>
    -  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code> 45.151.108.0/22, 94.140.198.64/27, 78.140.234.98, 193.218.143.187, 93.100.47.212, 93.100.73.160, 77.247170.13491.197.172.2, 46.243.181.24293.159.236.11 </code>+  - To provide remote access via SSH and set restrictions on valid IP addresses from the list: <code>45.151.108.0/23, 94.140.198.64/27, 193.218.143.187, 93.100.73.160, 78.140.234.9893.159.236.11, 46.243.181.3546.243.181.242</code>
     <code> <code>
    -iptables -A INPUT -m conntrack --ctstate RELATED, ESTABLISHED -j ACCEPT +<code> 
    -iptables -A INPUT -p tcp -s 45.151.108.0/22 ​​-m tcp --dport 22 -j ACCEPT + iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
    -iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 45.151.108.0/23 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 94.140.198.64/27 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 193.218.143.187 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 93.100.47.212 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 93.100.73.160 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 78.140.234.98 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 77.247.170.134 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 91.197.172.-m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 46.243.181.35 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp -s 46.243.181.242 -m tcp --dport 22 -j ACCEPT 
    -iptables -A INPUT -p tcp -s 93.159.236.11 -m tcp --dport 22 -j ACCEPT + iptables -A INPUT -p tcp --dport 22 -j DROP 
    -iptables -A INPUT -p tcp --dport 22 -j DROP + service iptables save
    -service iptables save+
     </code> </code>
      
     If you are using firewalld: If you are using firewalld:
     <code> <code>
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "45.151.108.0/22" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="45.151.108.0/23" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "94.140.198.64/27" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="94.140.198.64/27" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "78.140.234.98" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="193.218.143.187" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "193.218.143.187" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.100.73.160" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.47.212" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="78.140.234.98" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.100.73.160" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="93.159.236.11" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "77.247.170.134" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.35" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "91.197.172.2" service name = "ssh" accept' + firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="46.243.181.242" service name="ssh" accept' 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "46.243.181.242" service name = "ssh" accept' + firewall-cmd --zone=public --remove-service=ssh --permanent 
    -firewall-cmd --permanent --zone = public --add-rich-rule = 'rule family = "ipv4" source address = "93.159.236.11" service name = "ssh" accept' + firewall-cmd --reload
    -firewall-cmd --zone = public --remove-service = ssh --permanent +
    -firewall-cmd --reload+
     </code> </code>
     **!Save your settings as the server will be rebooted during installation!** \\ **!Save your settings as the server will be rebooted during installation!** \\