Software installs throws an error if there is no green interface

Bug
,
1

[Configuration]
My nethserver has been setup in AWS.

I started initially with a single red interface (Which can be switched only with the new servers manager at 9090 and not with 980 since 980 says you need a green interface always).

This only red interface configuration is required in AWS since we are not using the LAN.

[Issue]
But this causes problems with ipconfig throwing some error while the template is expanded and then shows that Yum cache clearing will help (it doesn’t).

Screenshot-Error-Neth
Screenshot-Error-Neth1366×670 93.4 KB

[Workaround]
Only adding a new network interface and saving it as green fixed the issue. This is not a problem since you don’t have to pay for network interfaces on AWS but I feel this extra step is unnecessary.

[Requirement]
What I need is to know how to configure Nethserver with only a red interface and still make is work. This can increase the adoption in AWS for mail, VPN and other needs.

2

If you want only one interface on a public VPS you need to set it to green, see the documentation.

The server must have at least one network interface. When the server has only one interface, this interface must have green role.
If the server is installed on a public VPS (Virtual Private Server), it should must be configured with a green interface. All critical services should be closed using Network services panel.

As an alternative you may create a virtual interface.

1 Like
3

When the green interface is used, then VPN does not work. That is why I had to make it the red interface.

Is there any other settings that I have to change to make VPN work with green interface?

4

Do you use openvpn?

IIRC you need at least a second interface for VPN.

5

Yes I use openVPN. But if we use a red interface, we don’t need a green interface and openVPN works just fine.

980 port server manager did not allow switching the existing green interface to a red one, but the new 9090 server manager allows that.

So VPN starts working in red interface only condition but ipsec config fails.

So either

  1. We have to have that check to ensure there is at least one green interface when an interface is changed from green to red in the new server manager (9090) or
  2. Modify the ipsec config to work with only red interface or
  3. Modify openVPN to work with only green interface

I hope what I’m saying makes sense. I am getting deeper into it only now.

Thank you so much for your time and effort.

1 Like
6

Thank you @vignesh for taking time and reporting the issue!

Actually, the red-only scenario is not supported. Still, there are few cases where some features could work while other will fail for sure.
When installing NethServer on a public cloud, the most common scenario is to set the public interface as green and close access to services using the firewall.
Someone created a dummy interface, you should be able to find more info in this forum.
Finally, another solution could be the creation of a vlan, then you can set the vlan as a fake green while the real interface can be set as red.

2 Likes