Hello Forum,
Yersterday night I’ve installed NS7 on our production server which works as a gateway. I wish to tell you my experiences. Maybe as SysAdmin or as Developer, you’ll find it useful.
-
So NS7 rc3.
-
The server is the 1st computer that get’s internet from the ISP. This gives the offices other computers IP and forwards them to the net. So it is a gateway. After installing the very first shock struck me down.
During the install I’ve set 2 out of 3 ethernet cards with static IP addresses. The 3rd one is PPPoE, but since there is no option to do that during the install I’ve kept it on DHCP. So after the install, just after I’ve entered the command line, I’ve started thinking: OK, now what? I need to set DHCP, OH WAIT! That can be done on the web config. But I can’t reach it’s webconfig until I set the DHCP up! What a blummer. OFC I’ve set a static IP for one of my clients and started looking for the server in a browser and I’ve succeeded. But this was very frustrating. -
So after the first shock, everything went quite smooth. I’ve connected the server to the net vie PPPoE, Set DHCP up, set 8.8.8.8 for DNS (since it didn’t fetch it from my ISP) and then started setting up Fail2Ban. I need to thank @stephdl for the awsome work he have done. I just hope it will work as nice as the IDS/IPS was on ClearOS. I’ve seen on that OS that we had about 30-40 failed ssh login every minute so we’ve banned them. So far Fail2Ban didn’t log / ban anything. But let’s just hope it is still working.
-
The server nicely upgraded to the latest version and working like a charm so far. So here I’m.
I still have some job to do (give fix IP addresses to clients, import our cert, create firewall rules, etc), but I wish to tell you some stuff I think the dev team should consider.
-
GUI: A server that is intended to be the DHCP server will obviously need a client to join and then the web config will be reachable only then. How about implementing a small desktop (like LXDE or Xfce) with a small browser so when the SysAdmin installs the server for the first time, they don’t have to assign static IP to a client and then start searching for the server on the network.
-
More CLI: Altho I see that the mail goal is to make a server completly configureable from the browser, the above case shows that sometimes we have to work in the CLI. I hardly could find some documentation about the CLI commands available but eventually I succeeded. Is it possible to have a CLI documentation more easy to find and maybe with more options? Like setting up DHCP with ease, etc.
Overall:
Thank you for your hard work Dev.Team! I really enjoy this system. Just make sure you won’t remove Fail2Ban and PPPoE from the server!!!