Skip to main content

Firewall Installation

System Requirements

To run NetFoundry zLAN Firewall, your system must meet the following requirements:

  • Operating System: Linux (Ubuntu, Debian, or RedHat-based distributions)
    • Ubuntu: 22.04 LTS (Jammy Jellyfish) and above (with kernel 6.1+)
    • Ubuntu: 24.04 LTS (Noble Numbat) and above
    • Debian: 12 (Bookworm) and above (with kernel 6.1+)
    • Debian: 13 (Trixie) and above
    • RedHat/CentOS/Rocky/AlmaLinux: 9.4 and above
  • Kernel Version: 6.1 or higher (required for eBPF access)
  • CPU: Minimum 2 vCPU
  • Memory: Minimum 4 GB RAM
  • Storage: Minimum 20 GB available

Access Requirements

  • Root privileges are required for installation and configuration.
  • Internet access is required to download packages and enroll the firewall.
  • Access to the NetFoundry zLAN Console to obtain the installation command or JWT token for enrollment.

Manual Installation

You can install the NetFoundry zLAN Firewall either by using the copy-paste command from the Console UI or by manually setting up the repository and running the setup script.

1. Configure the Repository (Private Option)

Run the following command to configure the NetFoundry repository (replace <username> and <password> with your credentials):

curl -sSL https://get.netfoundry.io/install.bash | sudo bash -s --private --username <username> --password <password>

This will set up the repository for your distribution and update package metadata.

2. Install the NetFoundry zLAN Firewall Package

Install the package using your distribution's package manager:

sudo apt-get install zlan-firewall

3. Enroll and Configure the Firewall

Obtain your JWT token from the NetFoundry Console, then run:

sudo /opt/openziti/zlan/scripts/zlan-firewall-setup.sh <JWT_TOKEN>

This script will:

  • Generate the configuration file
  • Enroll the router using the JWT
  • Start the required services

Advanced Options

  • TBD

Upgrading

To upgrade the zLAN Firewall, use your package manager:

sudo apt-get update
sudo apt-get upgrade zlan-firewall zfw zlan-router