How would you go about managing 24 pfSense boxes?
-
I have 24 remote sites with pfSense.
What is the most secure/time saving option to manage them like updating?
Do i just set up openVPN on each, open SSH and that's it?I also want to set up FTP server where all pfSense boxes will forward updates like every night/week? I am not asking to hold my hand but a good recent guide, I only found some really olds ones like 8-10 years old.
-
@pfrickroll said in How would you go about managing 24 pfSense boxes?:
I also want to set up FTP server where all pfSense boxes will forward updates like every night/week?
Could you elaborate on that? What updates and what do you mean by "forward them every night"?
-
@jegr said in How would you go about managing 24 pfSense boxes?:
@pfrickroll said in How would you go about managing 24 pfSense boxes?:
I also want to set up FTP server where all pfSense boxes will forward updates like every night/week?
Could you elaborate on that? What updates and what do you mean by "forward them every night"?
First of all I made a typo i meant "back ups" not updates, sorry.
What i wanted is lets say I put an FTP server either physical or in VM in my main location. The rest of 24 remote sites with pfSense would upload their backups to FTP like every day or so. -
Would the AutoConfigBackup not suffice? Or do you definitely have to have the nightly backups locally?
-
@kom said in How would you go about managing 24 pfSense boxes?:
Would the AutoConfigBackup not suffice? Or do you definitely have to have the nightly backups locally?
My main concern is to have back ups on FTP server as well. Would be nice if i made a change on firewall it will automatically makes backup and then triggers upload of that backup on FTP server but I think it involves some scripting and beyond my experience.
-
Sending out a backup over FTP not the best.
Our Autoconfig backup is instant change backup. My suggestion is to try it out on a firewall and 2 and see if it fits your needs.
https://www.netgate.com/docs/pfsense/backup/autoconfigbackup.html
This is free for all of our customers.
Need help fast? Our support is available 24/7 https://www.netgate.com/support/
Do Not PM For Help!
-
Thank you very much, I will check it out.
-
Also, why backup over FTP is not the best?
-
Ftp is not secure.
https://security.stackexchange.com/questions/191900/how-insecure-really-is-ftp
Your backup holds your passwords, certificates and other information you don't want people to have access to.
-
Yes, if you absolutely had to use FTP, you would definitely want to encrypt it before you sent it and that's another layer of complexity to worry about.
-
I never dealt with FTP before, so never read up on it. My company used to upload some sensitive docs straight to FTP server about 5 years ago, at that time they didn't even think they need firewalls and VPNs.
