Initial Network Setup
Configure Interfaces
We need Internet access to download all the packages necessary so I setup DHCP on the WAN connection eth0
.
Setting all the local network interfaces to `manual` and not providing any addresses prevents any accidental routing before everything is secured.
# /etc/network/interfaces
auto eth0
iface eth0 inet dhcp
+
+ auto eth1
+ iface eth1 inet manual
+
+ auto eth1.8
+ iface eth1.8 inet manual
+ vlan-raw-device eth1
+
+ auto eth1.9
+ iface eth1.9 inet manual
+ vlan-raw-device eth1
Then restart the networking service to apply the changes and create the new interfaces.
$ systemctl restart networking
Initial Security
I won't have SSH access allowed from the Internet when I am done but in the interim I want to install fail2ban
. It doesn't hurt to have running even once the firewall is fully setup and provides just one more layer of defense.
$ apt install fail2ban