Tips to manage multiple pfSense installs



  • Can anyone point me to , or share here.
    Tips to make managing multiple 10+ pfSense installs.

    I mean ie.
    Export specific aliases , and import them on a different site.
    "Clone an interface" OptX to OptY (including rules)
    "Clone an interface" from sitex to sitey (including rules)

    Either with Web tricks (i doubt it) , or even direct XML tricks.

    I guess i made a mistake from the beginning , not to read up on interface groups 😢 - When one have 8+ vlans , that all have to have some basic deny's.

    A mini guide to interface groups (I ought to read the book on that)

    A robust solution not requiring a reboot would be preferred.
    And maybe XML hacking might be a tad to "optimistic" on a prod site.

    Well any tips are welcome

    /Bingo


  • Netgate Administrator

    If you use URL aliases hosted somewhere all sites can reach they can be used by all.
    Just update one location and all sites will pull it. Assuming you have aliases that apply to all sites that is.
    https://docs.netgate.com/pfsense/en/latest/book/firewall/aliases.html#url-aliases

    Steve



  • @stephenw10
    Thanx Steve

    I see the use for URL Table aliases, in blocklists etc.
    But i won't build "core" firewall rules that depends on a web service, on each load. Then i'd rather do the web clicking.

    But a nice feature i overlooked, if i ever need a huuuge "dynamic" blocklist.

    /Bingo


Log in to reply