Can you please provide more details on what to look for in the firewall settings? I installed fresh CentOS 7 so not sure if there are firewall rules in there.
I don’t personally use CentOS day to day, it has been a while… though I do use RHEL. If I recall correctly CentOS 7 moved to using Firewalld as the default firewall service replacing IPTables.
The first thing to do is verify which Firewall service is in use, and configure it according to the HAA documentation.
Here is some RHEL documentation that you may find helpful. (One or more of these may be in their walled garden and would need a support account to access, but pretty easy to do a quick Internet search for ‘firewalld’ and ‘iptables’ configuration in conjunction with CentOS)
Specific Details on HAA can be found in the following references along with the TCP Ports that need to be open in your Firewall.
The following is a sequence I implemented in my sandbox environment to disable IPTables and enable Firewalld while allowing specific ports through the default ‘public’ zone. I recommend that you review the documentation for any changes, and if unfamiliar, research firewall usage to understand what changes are being made. (E.g. You may not want to use the ‘public’ zone designation, or open all the same ports depending on your architecture/network design.)
Stop and Disable IPTables
systemctl stop iptables.service
systemctl disable iptables.service
Enable and Start Firewalld
systemctl enable firewalld.service
systemctl start firewalld.service
Set Internal as default zone
Add Ports to Firewall Rules
firewall-cmd --zone=public --permanent \
  --add-port=3333-3339/tcp \
  --add-port=36379-36380/tcp \
  --add-port=8001/tcp \
  --add-port=8443/tcp \
  --add-port=8444/tcp \
  --add-port=9080/tcp \
  --add-port=9081/tcp \
  --add-port=8070-8071/tcp \
  --add-port=9443/tcp \
  --add-port=10000-19999/tcp \
  --add-port=20000-29999/tcp \
  --add-port=53/tcp \
  --add-port=5353/tcp
Reload Firewalld Configuration
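An added example, not part of the post above: a check that compares the ports a firewalld zone actually allows against the TCP port list in the post, so a missed reload or a typo in a range shows up. The function names, the `REQUIRED` variable and the `--live` switch are assumptions made for this example; the port list is copied from the post and should be checked against the current HAA documentation.

```bash
#!/usr/bin/env bash
# Added example: audit a firewalld zone against the TCP ports listed in the post.
# REQUIRED mirrors the --add-port values above (all tcp).
REQUIRED="3333-3339 36379-36380 8001 8443 8444 9080 9081 8070-8071 9443 10000-19999 20000-29999 53 5353"

# covered LO HI "LIST": succeeds if a single tcp entry in LIST spans LO..HI.
# LIST uses the `firewall-cmd --list-ports` format, e.g. "8443/tcp 3333-3339/tcp".
# A range that is only covered by the union of two entries is reported as missing.
covered() {
  local lo=$1 hi=$2 entry range a b
  for entry in $3; do
    [ "${entry##*/}" = tcp ] || continue      # skip udp and other protocols
    range=${entry%/*}                         # "3333-3339" or "8443"
    a=${range%-*}; b=${range#*-}              # a single port gives a == b
    [ "$a" -le "$lo" ] && [ "$b" -ge "$hi" ] && return 0
  done
  return 1
}

# missing_ports "LIST": prints the REQUIRED entries that LIST does not open.
missing_ports() {
  local spec out=""
  for spec in $REQUIRED; do
    covered "${spec%-*}" "${spec#*-}" "$1" || out="$out $spec"
  done
  echo "${out# }"
}

# Live check on the host itself: run this script with --live as root.
if [ "${1:-}" = "--live" ] && command -v firewall-cmd >/dev/null 2>&1; then
  # Shows which of the two services is actually running.
  systemctl is-active firewalld iptables
  # Runtime and permanent configuration differ until firewalld is reloaded,
  # so both are audited separately.
  echo "runtime missing:   $(missing_ports "$(firewall-cmd --zone=public --list-ports)")"
  echo "permanent missing: $(missing_ports "$(firewall-cmd --zone=public --permanent --list-ports)")"
fi
```

If "permanent missing" is empty but "runtime missing" is not, the rules were saved but the running firewall has not picked them up yet.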
Thanks for the information, Tim. These will definitely help.
No worries. Let me know if you have any specific questions or challenges that you run into.