d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fa5de3ba0110f8f6c19d43df484a805dc1d857f0
proxmox/docs/04-configuration/UDM_PRO_CONFIGURATION_COMPLETE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

171 lines
4.5 KiB
Markdown
Raw Blame History

# UDM Pro Configuration - Completion Status
**Last Updated:** 2026-01-14
**Status:** ⏳ Static Route Configuration In Progress
---
## Current Status
### ✅ Completed Configurations
1. **VLAN 11 (MGMT-LAN) Network**
- Network created and enabled
- Subnet: 192.168.11.0/24
- Gateway: 192.168.11.1
- Network ID: `5797bd48-6955-4a7c-8cd0-72d8106d3ab2`
2. **Zone-Based Firewall**
- Migration completed
- VLAN 11 assigned to "Internal" zone
- Zone policies configured
3. **Firewall Rules**
- Allow Default Network (192.168.0.0/24) → VLAN 11 (192.168.11.0/24)
- All protocols allowed (ICMP, TCP, UDP)
- Priority: 5
4. **All 18 VLANs Created**
- All required VLANs configured and verified
- See [UDM_PRO_STATUS.md](./UDM_PRO_STATUS.md) for complete list
---
## ⏳ In Progress
### Static Route Configuration
**Status:** Automation script running
**Action Required:** Click the "Add" button when browser opens
**Route Details:**
- **Name:** Route to VLAN 11
- **Destination:** 192.168.11.0/24
- **Gateway:** 192.168.11.1
- **Distance:** 1
**To Complete:**
1. Browser window should be open (or will open shortly)
2. Navigate to Static Routes page if not already there
3. **Click the "Add" button** (or "+" icon)
4. Script will automatically:
- Fill the form
- Save the route
- Verify creation
**If browser is not visible:**
```bash
cd /home/intlc/projects/proxmox
UNIFI_USERNAME=unifi_api UNIFI_PASSWORD='L@kers2010$$' \
HEADLESS=false PAUSE_MODE=true \
node scripts/unifi/configure-static-route-playwright.js
```
---
## 📝 Remaining Optional Configurations
### High Priority (Recommended)
1. **DHCP Static IP Reservations**
- **Time:** 15-30 minutes
- **Guide:** [UDM_PRO_DHCP_RESERVATIONS_GUIDE.md](./UDM_PRO_DHCP_RESERVATIONS_GUIDE.md)
- **Required Reservations:**
- 192.168.11.1 → UDM Pro (Gateway)
- 192.168.11.10 → ML110 (Proxmox)
- 192.168.11.11 → R630-01
- 192.168.11.12 → R630-02
- 192.168.11.13 → R630-03
- 192.168.11.14 → R630-04
2. **Port Profile Configuration**
- **Time:** 30-60 minutes
- **Guide:** [UDM_PRO_PORT_PROFILES_GUIDE.md](./UDM_PRO_PORT_PROFILES_GUIDE.md)
- **Required:**
- Trunk port profiles for Proxmox uplinks
- Access port profiles for management devices
### Medium Priority
3. **Sovereign Tenant Isolation Firewall Rules**
- **Time:** 30-45 minutes
- **Guide:** [UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](./UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)
- **Required:** Block rules for VLANs 200-203
4. **System Settings**
- **Time:** 15-20 minutes
- **Required:** Hostname, timezone, NTP servers
---
## Verification Steps
### Verify Static Route (After Completion)
1. **Via Web UI:**
- Navigate to: Settings → Routing & Firewall → Static Routes
- Verify "Route to VLAN 11" appears in list
- Check destination: 192.168.11.0/24
- Check gateway: 192.168.11.1
2. **Via API:**
```bash
cd /home/intlc/projects/proxmox
NODE_TLS_REJECT_UNAUTHORIZED=0 node scripts/unifi/list-routes-node.js
```
3. **Test Connectivity:**
```bash
# From 192.168.0.23 (or any device on Default network)
ping 192.168.11.10 # Should succeed if routing works
```
### Verify Routing Works
1. **Test from Default Network:**
```bash
ping -c 3 192.168.11.1 # Gateway
ping -c 3 192.168.11.10 # Proxmox host
```
2. **Test from VLAN 11:**
```bash
ping -c 3 192.168.0.1 # UDM Pro on Default network
```
---
## Next Steps
1. **Complete Static Route Configuration** (Current)
- Click Add button in browser
- Wait for script to complete
2. **Configure DHCP Reservations** (Recommended)
- Follow [UDM_PRO_DHCP_RESERVATIONS_GUIDE.md](./UDM_PRO_DHCP_RESERVATIONS_GUIDE.md)
- Ensures devices get consistent IP addresses
3. **Configure Port Profiles** (Recommended)
- Follow [UDM_PRO_PORT_PROFILES_GUIDE.md](./UDM_PRO_PORT_PROFILES_GUIDE.md)
- Required for Proxmox trunk ports
4. **Test End-to-End Connectivity**
- Verify routing between Default and VLAN 11
- Test device connectivity
- Verify firewall rules are working
---
## Summary
**Core Configuration:** ✅ Complete (VLANs, Firewall, Zone-Based Firewall)
**Static Route:** ⏳ In Progress (automation running)
**Optional Configurations:** 📝 Available (DHCP reservations, port profiles, etc.)
**The UDM Pro is functionally configured for routing between Default network and VLAN 11.**
**Remaining tasks are optimizations and additional features.**
---
**Last Updated:** 2026-01-14
Reference in New Issue View Git Blame Copy Permalink