Difference between revisions of "RMU build Gen-1.5: IV. Best Practices - A. Proxmox Security"

Revision as of 21:48, 28 February 2024

This page is part of the Gen-1.5 RMU build runbook.

Go back to the previous section: III. Maas - E. Configure CHCP Subnet on MaaS

A. Proxmox Security

Enable Proxmox Firewall Datacenter level
- On the Proxmox WebUI, select Datacenter on the left panel, then in the middle panel, scroll down to Firewall -> Options and select the top Firewall configuration option in the main panel. Click on Edit at the top of the list.
- On the pop-up dialog window, tick the Firewall box and select OK
Enable Proxmox Firewall RMU level
- On the Proxmox WebUI, select the RMU on the left panel, then in the middle panel, scroll down to Firewall -> Options and select the top Firewall configuration option in the main panel. Click on Edit at the top of the list.
- On the pop-up dialog window, tick the Firewall box and select OK

Disable RPCBIND

On the Proxmox WebUI, select the RMU on the left panel
Select Shell in the top right

Run these commands one at a time within that shell prompt

systemctl disable rpcbind.target
systemctl disable rpcbind.socket
systemctl disable rpcbind.service
systemctl stop rpcbind.target
systemctl stop rpcbind.socket
systemctl stop rpcbind.service

Continue to next section: B. Install RACADM Tool on RMU

Go to the index of the Gen-1.5 RMU build runbook.

@@ Line 3: / Line 3: @@
 Go back to the previous section: [[RMU build Gen-1.5: III. Maas - E. Configure CHCP Subnet on MaaS|III. Maas - E. Configure CHCP Subnet on MaaS]]
-=== A. Proxmox Security ===
+==A. Proxmox Security==
+#'''Enable Proxmox Firewall Datacenter level'''
+#*On the Proxmox WebUI, select <code>Datacenter</code> on the left panel, then in the middle panel, scroll down to <code>Firewall -> Options</code> and select the top <code>Firewall</code> configuration option in the main panel.  Click on <code>Edit</code> at the top of the list.
-== Continue to next section: [[RMU build Gen-1.5: IV. Best Practices - B. Install RACADM Tool on RMU|B. Install RACADM Tool on RMU]] ==
+#*[[File:Screenshot 2024-02-26 at 3.09.02 PM.png|800px]]
+#*On the pop-up dialog window, tick the <code>Firewall</code> box and select <code>OK</code>
+#*[[File:Screenshot 2023-12-28 at 11.02.10 AM.png]]
+#'''Enable Proxmox Firewall RMU level'''
+#*On the Proxmox WebUI, select the RMU on the left panel, then in the middle panel, scroll down to <code>Firewall -> Options</code> and select the top <code>Firewall</code> configuration option in the main panel.  Click on <code>Edit</code> at the top of the list.
+#*[[File:Screenshot 2023-12-28 at 11.00.04 AM.png|800px]]
+#*On the pop-up dialog window, tick the <code>Firewall</code> box and select <code>OK</code>
+#*[[File:Screenshot 2023-12-28 at 11.02.10 AM.png]]
+#'''Disable RPCBIND'''
+#*On the Proxmox WebUI, select the RMU on the left panel
+#*[[File:Screenshot 2024-01-03 at 3.43.06 PM.png]]
+#*Select <code>Shell</code> in the top right
+#*[[File:Screenshot 2024-01-03 at 3.43.37 PM.png]]
+#*Run these commands one at a time within that shell prompt<syntaxhighlight lang="yaml">
+systemctl disable rpcbind.target
+systemctl disable rpcbind.socket
+systemctl disable rpcbind.service
+systemctl stop rpcbind.target
+systemctl stop rpcbind.socket
+systemctl stop rpcbind.service
+</syntaxhighlight><br />
+==Continue to next section: [[RMU build Gen-1.5: IV. Best Practices - B. Install RACADM Tool on RMU|B. Install RACADM Tool on RMU]]==
 Go to the index of the [[RMU build Gen-1.5|Gen-1.5 RMU build runbook]].