AnsweredAssumed Answered

How to disable Gaia access from the Internet

Question asked by Akira Yagi on Nov 23, 2018
Latest reply on Nov 26, 2018 by Dameon Welch-Abernathy

Hello,

I have a typical policy that allows access to Gaia (https) from some internal machines, followed by a stealth rule that blocks all the other accesses (any-[sms, clusterxl and nodes]-drop).

 

Despite this, if I try to open a browser from an external machine, pointing to one of the public IPs (https://publicIP) of the cluster, I'm asked to accept the certificate.

I can't load the user/password page, but I need to avoid to even to show that something is listening.

The customer told me that in the past someone executed a command to block this access, but I was expecting that the policy was enough.

What is this command? I don't want to disable the Gaia Portal, just from the Internet.

Or there is a configuration in the Global Policy that I missed?

Outcomes