Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    help with centralized control

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kapvcop
      last edited by

      Hello friends, I would like to know if there is any way to control all the firewalls from a central point, let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule, then there is a way to control all firewalls from a centralized console ?, the cloud ...
      I appreciate any help ...

      DaddyGoD 1 Reply Last reply Reply Quote 0
      • DaddyGoD
        DaddyGo @kapvcop
        last edited by DaddyGo

        @kapvcop said in help with centralized control:

        let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule

        Hello,

        Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"

        I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.

        BTW:
        this could be a smart question, don't know :)

        Cats bury it so they can't see it!
        (You know what I mean if you have a cat)

        K 1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          There is no official central management, yet. We are working on it though.

          What sort of firewall rules are you adding?

          One thing you can do it use URL aliases in rules and pull from a central source. Then you can just update a hosted txt file somewhere and all firewalls will pull in that change.

          Steve

          DaddyGoD KOMK 2 Replies Last reply Reply Quote 0
          • DaddyGoD
            DaddyGo @stephenw10
            last edited by DaddyGo

            @stephenw10 said in help with centralized control:

            here is no official central management, yet.

            I seriously feel like you're following me like a shadow, it's because you hate me or because you love me. hehehe.... :)
            (don't get me wrong I respect your knowledge - yes I know this is a forum where everyone does what they do best)

            Coming back to the question, this is a really smart question and could be a TODO.....

            +++edit:

            you were the first one to "like" ๐Ÿ‘ me, several years ago when I wrote about DOCSIS modems , I thought we would be friends Stephen... ??? ๐Ÿ˜‰

            what has changed since,.... I've been a rude?

            Cats bury it so they can't see it!
            (You know what I mean if you have a cat)

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Too much time on the forum ๐Ÿ˜‰

              Central management is understandably an often requested feature and it's something we've been working on for some time. And are still working on it!

              DaddyGoD 1 Reply Last reply Reply Quote 0
              • DaddyGoD
                DaddyGo @stephenw10
                last edited by DaddyGo

                @stephenw10 said in help with centralized control:

                Central management is understandably - And are still working on it!

                That's such an meaningless wording Stephen. (I know it's your jobs - excuse me - you used to be more informative)

                I'll be honest lately, I'm sensitive nowadays, hahaha

                I seriously think you're one of the best hardware guys out there, but you've changed your mentality recently, is something wrong lately?

                Yes, yes everyone is suffering

                Cats bury it so they can't see it!
                (You know what I mean if you have a cat)

                1 Reply Last reply Reply Quote 0
                • KOMK
                  KOM @stephenw10
                  last edited by

                  @stephenw10 said in help with centralized control:

                  We are working on it though.

                  Not trying to be cheeky but I've heard that for the past 5-6 years now.

                  DaddyGoD 1 Reply Last reply Reply Quote 0
                  • DaddyGoD
                    DaddyGo @KOM
                    last edited by

                    @kom said in help with centralized control:

                    Not trying to be cheeky but I've heard that for the past 5-6 years now.

                    this is what I meant

                    next to my problems, hahahahah ๐Ÿ˜‰

                    Cats bury it so they can't see it!
                    (You know what I mean if you have a cat)

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      I'm saying it's understandable that people ask about central management. I've got enough devices just in my office here that I could use such a feature!

                      I am saying we are actively working on it and I know that because I have been testing features that will required for it.
                      It's a huge undertaking though and I can't give you any sort of ETA right now.

                      Steve

                      DaddyGoD 1 Reply Last reply Reply Quote 0
                      • DaddyGoD
                        DaddyGo @stephenw10
                        last edited by DaddyGo

                        @stephenw10 said in help with centralized control:

                        I'm saying

                        It's fine and we've done without it...

                        -I take advantage of the opportunity :) -SORRY because this is a forum and I feel bad...
                        I know I'm hysterical!!!

                        Nothing personal, what do you say?
                        When the guy (VAMike) attacked me yesterday or before, you were right next to him, hmmm.

                        There are other topics, where others are treated me properly...

                        ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰ ๐Ÿ˜‰

                        Izaac a day ago @Izaac
                        @daddygo said in "pcscd PC/SC Smart Card Daemon" ?:

                        "it's not a good day for me"

                        Sorry to hear that. Hope things work out.

                        656878ff-8db6-4cae-9ec0-04482846a5da-image.png

                        So I just wanted to let you know, because I didn't like the shouting and now I'm making it.

                        I'm finished and if you feel like it feel free to remove my post! :)

                        Cats bury it so they can't see it!
                        (You know what I mean if you have a cat)

                        1 Reply Last reply Reply Quote 0
                        • K
                          kapvcop @DaddyGo
                          last edited by

                          @daddygo said in help with centralized control:

                          Hello,
                          Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"
                          I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.
                          BTW:
                          this could be a smart question, don't know :)

                          Hello, thank you, I agree with the point that each point must be unique, however, there are common policies when the company has distributed branches that all must comply with. Let's have the idea or the example that suddenly we are going to give permission so that they can use a ZOOM for a webinar and only for one day 50 branches should be given permission ... that's what I want to get to.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.