How to use fail2ban with Guacamole hosted on Nethserver

Hello @support_team,

I’ve installed Guacamole on my Nethserver. I was thinking of adding Guacamole to my Nextcloud as an external app. This would provide an extra layer of protection for login if someone tries to get into our network from outside. They would have to log in first to Nextcloud and then to Guacamole second.

But another option is to allow direct outside access to Guacamole Server from WAN and use fail2ban as my added protection. How should I implement this? I see reference to fail2ban directly in Guacamole or fail2ban installed as a module on Nethserver. Which one should I use?

Thank you.

Guacamole just adds a jail to fail2ban from software center.
See wiki.

3 Likes

Hello @mrmarkuz,

So to implement fail2ban on Guacamole I first install the fail2ban module on Nethserver. Then I issue the following to enable fail2ban jail for Guacamole:

config setprop guacd jailStatus enabled
signal-event nethserver-fail2ban-save

I’m looking at the Nethserver fail2ban settings and they seem very easy. Just set the amount of failed login attempts and duration and if you want to ban on the WAN and LAN. Is it really that simple to implement fail2ban on Nethserver?

Also, I see Guacamole listed in the fail2ban Nethserver Dashboard section. But in the Jails section I don’t see Guacamole. Is the only way to turn off Guacamole in fail2ban to issue the command - config setprop guacd jailStatus enabled?

Thank you.

Uhm… yes it is…

2 Likes

Wow! It really is that easy. This is awesome! Thank you.

Without fail2ban I wouldn’t sleep too well having my mail hosted on a NethServer VPS. I have around 20k banned IPs in the fail2ban logs.

1 Like

Yes, it’s the only way to set the jailStatus to disabled to disable the jail.

1 Like

Valuable input, team. I’m going to sleep better knowing that fail2ban is protecting me now too. It’s so easy to set up and use that it should be enabled by default. :)

Thanks Team for the feedback.

1 Like

Normally this is how we do it, @mrmarkuz.

The logic is: enable the jail if the log exists and if the prop is true (default).

if ( -f '/path/to/log' && $jailGuacamol_status eq 'true') {
    $OUT .= q( expand the jail);
}

In the createlink of nethserver-guacamol you can expand the jail.local template and restart fail2ban

2 Likes
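
An added example, not part of the thread and not NethServer's own code: a small shell check that a jail is actually loaded by fail2ban after the prop has been set, which is how to settle the "I don't see Guacamole in the Jails section" question from the command line. It parses the output of `fail2ban-client status`; the sample output and the jail names in it are constructed, so read the real jail name from your own server.

```shell
#!/bin/sh
# jail_is_active NAME
# Reads `fail2ban-client status` output on stdin and succeeds only if NAME
# is an exact entry in the "Jail list:" line. Exact matching matters: a
# substring test would report "guacamole" as active when only
# "guacamole-example" is loaded.
jail_is_active() {
    wanted=$1
    # Keep only the text after "Jail list:" (entries are comma separated).
    list=$(sed -n 's/.*Jail list:[[:space:]]*//p')
    old_ifs=$IFS
    IFS=','
    for jail in $list; do
        # Trim the whitespace left around each entry after splitting.
        jail=$(printf '%s' "$jail" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        if [ "$jail" = "$wanted" ]; then
            IFS=$old_ifs
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# Constructed sample of `fail2ban-client status` output (jail names made up).
SAMPLE_STATUS='Status
|- Number of jail:	3
`- Jail list:	sshd, guacamole-example, httpd-auth'

# On a live server, as root, compare the prop with what fail2ban loaded:
#   config getprop guacd jailStatus
#   fail2ban-client status | jail_is_active "<jail name>" && echo loaded
```

If the prop reads enabled but the jail is not in the list, the condition described in the last post applies: the jail is only expanded when the log file it watches exists.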