Restrict QualiX Access to Specific CloudShell Portals
Perform these steps to specify the CloudShell Portal machines that can access QualiX. This applies to CloudShell deployments where some of the portal machines reside in a different network and for security reasons, we don’t want them to access QualiX.
To specify the CloudShell Portal hosts that can use QualiX:
-
SSH to Qualix server.
-
Run the following command:
edit /opt/qualix/.guacamole/guacamole.properties
-
Remove the following line:
qualix-allow-auth-from: 0.0.0.0
-
To specify the IPs of the CloudShell Portal machines that can access QualiX, add the following line to the file:
qualix-allow-auth-from: <CloudShell-Portal-ip1>,<CloudShell-Portal-ip2>
-
Save and close file.
-
Restart the Qualix-tomcat service:
systemctl restart qualix-tomcat.service