| The basic premise is to restrict inbound access to the public-facing addresses to only allow ports 4505/TCP, 4506/TCP, and 930/TCP | |
| Pre-requisite | Centos 7.5 or RHEnterprise |
| interfaces | renames: mgmt1, lan1 and wan1 ( + IP@) |
| hostname | unique, and meaningful name |
| create 128t user ( | sudo privileges |
| disable | Hyperthreading disabled: friewalld: SELinux: |
| Install 128T | Router and Conductor |
copy the client's certificate to /etc/pki/128technology/release.pem | |
| Initialiser | Select: Router or Conductor Select: Standalone or 1xHA & 2xHA ( 2x Node in the router ) |
Node Name= ( By default this field uses the Linux system's hostname) Router/Conductor Name: identifiable by the full name of nodeName.routerName ; e.g., labsystem1.boston. | |
sudo systemctl status 128T sudo systemctl start/restart/stop 128T | |
| Terminology | |
| Under Authority | Conductor Service Tenant Security Policy Routers |
| Under Authority > Router | |