Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: 1 [2]
16
Contributions / Tips&Tricks / Features Requests / III. DHCP configuration. (Part 3/12)
« on: May 20, 2022, 04:10:15 pm »
III. DHCP CONFIGURATION.
In the administration, console go to the DHCP tab:
Uncheck DHCP eth0:
In "Configuration" eth1: (don't forget to check dynamic dns)
Go to Ranges to address a new range of internal IP addresses: (differentiate the
internal address type from external)
Add and save the new address range:
Go to the Module Status tab:
Check DHCP and save:
In the administration, console go to the DHCP tab:
Uncheck DHCP eth0:
In "Configuration" eth1: (don't forget to check dynamic dns)
Go to Ranges to address a new range of internal IP addresses: (differentiate the
internal address type from external)
Add and save the new address range:
Go to the Module Status tab:
Check DHCP and save:
17
Contributions / Tips&Tricks / Features Requests / II. DNS CONFIGURATION. (Part 2/12)
« on: May 20, 2022, 03:59:37 pm »
II. DNS CONFIGURATION.
In the administration console go to the DNS tab:
Activate the transparent DNS cache and add the gateway: (to be adapted according to the infrastructure
existing)
Save changes: (to be performed after each setting or change)
Test DNS via PING the gateway:
In the administration console go to the DNS tab:
Activate the transparent DNS cache and add the gateway: (to be adapted according to the infrastructure
existing)
Save changes: (to be performed after each setting or change)
Test DNS via PING the gateway:
18
Contributions / Tips&Tricks / Features Requests / Ia. Software Raid configuration (Part 1a/12)
« on: May 20, 2022, 11:20:49 am »
Following the installation procedure, but with software raid support.
I. SOFTWARE RAID CONFIGURATION.
Choose expert mode installation:
Once in the partition disks menu, select “Manual”:
Go to the free space of the “sda” disk:
Create a new partition:
Choose the maximum partition size:
Then select the type of partition, logical in our case:
Change partition characteristics for raid volume:
Validate the end of the configuration:
Do the same operations above for the “sdb” disk.
Once the two raid volumes have been created, let's go to the software raid configuration:
Apply changes to disks:
Then create a multi-disk device:
Select “Raid1”:
Check the number of active devices, 2 in our case:
Leave the spare device count at 0:
Overview of active devices and selection thereof: (space to select)
Finish configuring volumes:
Finish partitioning and apply changes:
Appears a new Raid1 device:
Select free space to apply partition characteristics:
Apply the filesystem type, journaled ext4 in our example:
Select the partition mount point, root “/” in our case:
Finish setting the raid partition:
Finish partitioning and apply changes:
After applying the changes on the disks the installation of Zentyal continues
with software raid1 support.
Once the installation is complete, to verify the volumes, enter the command below
in a terminal:
We see a raid1 volume md0 belonging to disk sda partition sda5, same for
sdb5.
II. RAID MAINTENANCE
To display the status of a raid1 volume enter the following command:
Output of the above command:
To remove a bad volume: (* select the bad disk number)
To add a new volume:
Source
I. SOFTWARE RAID CONFIGURATION.
Choose expert mode installation:
Once in the partition disks menu, select “Manual”:
Go to the free space of the “sda” disk:
Create a new partition:
Choose the maximum partition size:
Then select the type of partition, logical in our case:
Change partition characteristics for raid volume:
Validate the end of the configuration:
Do the same operations above for the “sdb” disk.
Once the two raid volumes have been created, let's go to the software raid configuration:
Apply changes to disks:
Then create a multi-disk device:
Select “Raid1”:
Check the number of active devices, 2 in our case:
Leave the spare device count at 0:
Overview of active devices and selection thereof: (space to select)
Finish configuring volumes:
Finish partitioning and apply changes:
Appears a new Raid1 device:
Select free space to apply partition characteristics:
Apply the filesystem type, journaled ext4 in our example:
Select the partition mount point, root “/” in our case:
Finish setting the raid partition:
Finish partitioning and apply changes:
After applying the changes on the disks the installation of Zentyal continues
with software raid1 support.
Once the installation is complete, to verify the volumes, enter the command below
in a terminal:
We see a raid1 volume md0 belonging to disk sda partition sda5, same for
sdb5.
II. RAID MAINTENANCE
To display the status of a raid1 volume enter the following command:
Code: [Select]
sudo mdadm -D /dev/md0Output of the above command:
To remove a bad volume: (* select the bad disk number)
Code: [Select]
sudo mdadm --remove /dev/md0 /dev/sda*To add a new volume:
Code: [Select]
sudo mdadm --add /dev/md0 /dev/sda*Source
19
Contributions / Tips&Tricks / Features Requests / I. Installation and configuration of Zentyal 7.0 development (Part 1/12)
« on: May 20, 2022, 10:25:10 am »
I want to share with the community my work, done as part of my training, to avoid bleeding from the eyes this will be done in several parts.
I wish you a good reading.
INSTALLATION AND CONFIGURATION PROCEDURE FOR ZENTYAL 7.0 DEVELOPMENT
I. INSTALLATION OF ZENTYAL 7.0 DEVELOPMENT.
Choice of language and installation screen: (expert mode for raid configuration, see
software raid configuration procedure)
Choice of language and keyboard type:
Choice of external network card:
Choice of NetBios of the server:
Choice of username for the main account: (to change for another name)
Choice of a password with 12 characters and verification:
Choice of system clock:
End of system installation:
Installing Zentyal core packages:
A web window then opens to enter into the console: (accept because self-signed certificate)
Zentyal administration console, fill in the user created previously and its password at
12 characters:
Choice of Zentyal components:
Confirmation and installation of components:
Configuration of network interfaces:
Choice of external network IP address: (to be adapted according to the existing infrastructure)
Choice of internal network IP address:
Domain controller type selection:
Source
Source
I wish you a good reading.
INSTALLATION AND CONFIGURATION PROCEDURE FOR ZENTYAL 7.0 DEVELOPMENT
I. INSTALLATION OF ZENTYAL 7.0 DEVELOPMENT.
Choice of language and installation screen: (expert mode for raid configuration, see
software raid configuration procedure)
Choice of language and keyboard type:
Choice of external network card:
Choice of NetBios of the server:
Choice of username for the main account: (to change for another name)
Choice of a password with 12 characters and verification:
Choice of system clock:
End of system installation:
Installing Zentyal core packages:
A web window then opens to enter into the console: (accept because self-signed certificate)
Zentyal administration console, fill in the user created previously and its password at
12 characters:
Choice of Zentyal components:
Confirmation and installation of components:
Configuration of network interfaces:
Choice of external network IP address: (to be adapted according to the existing infrastructure)
Choice of internal network IP address:
Domain controller type selection:
Source
Source
20
Other modules / IDS/IPS doesnt work
« on: March 25, 2022, 02:42:17 pm »
Hi Zentyal user, after a couple of installation's under virtualbox, the IDS/IPS module is installed, and once activated it crashes nginx every time. I tested with default ids/ips settings, same thing.
Any ideas where it could come from?
Any ideas where it could come from?
21
Contributions / Tips&Tricks / Features Requests / Zentyal HTTPS repository
« on: March 21, 2022, 09:19:33 pm »
Hi Zentyal user's,
after research to secure my Zentyal configuration, i see that the repo have an https certificate expired since 2018...
And that of the forum expires at the end of May 2022 .
after research to secure my Zentyal configuration, i see that the repo have an https certificate expired since 2018...
And that of the forum expires at the end of May 2022 .
22
Other modules / How to secure DNS with DNSSEC
« on: March 16, 2022, 05:06:05 pm »
Hi Zentyal user's, all is in the topic name, i'm searching a way to secure my dns requests.
How i can do that without dnscrypt-proxy?
Thank you in advance for your feedback's
How i can do that without dnscrypt-proxy?
Thank you in advance for your feedback's
23
Directory and Authentication / Re: Secure zentyal ports
« on: March 16, 2022, 04:58:35 pm »Hi,
That's fairly simple to achieve:
https://doc.zentyal.org/en/firewall.html#firewall-configuration-with-zentyal
Just make sure you use the right section, so you block access to the Zentyal and not between networks.
If you need more ports (not mentioned on the current list) go to Network -> Services and add what you need (Name, protocol, ports)
Then you can use that service in firewall selection list.
Simples,
Cheerio!
dzidek23
Thanks for the explanation, i will test it
24
Directory and Authentication / [SOLVED]Secure zentyal ports
« on: March 14, 2022, 03:38:52 pm »
Hi Zentyal user's,
after reading the Zentyal documentation, having browsed the forum, I allow myself to come and ask my questions in this section.
Having carried out an installation without problems, today I want to secure this installation, and this by securing ports 22, 80 and 389.
By consulting the forum I found how to secure port 389 without disabling it, which is not recommended, do you have any suggestions for the other ports?
I'm not looking for a ready-made solution, just advice, a choice will be made if feasible or not
Wishing you many thanks in advance for your future contributions
after reading the Zentyal documentation, having browsed the forum, I allow myself to come and ask my questions in this section.
Having carried out an installation without problems, today I want to secure this installation, and this by securing ports 22, 80 and 389.
By consulting the forum I found how to secure port 389 without disabling it, which is not recommended, do you have any suggestions for the other ports?
I'm not looking for a ready-made solution, just advice, a choice will be made if feasible or not
Wishing you many thanks in advance for your future contributions
Pages: 1 [2]