help with centralized control

kapvcop · Jul 29, 2021, 2:54 PM

Hello friends, I would like to know if there is any way to control all the firewalls from a central point, let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule, then there is a way to control all firewalls from a centralized console ?, the cloud ...
I appreciate any help ...

DaddyGo · Jul 29, 2021, 3:36 PM

@kapvcop said in help with centralized control:

let me explain, I have 5 branches with a Pfsense firewall but when I create a rule that they must share I must enter one by one making a copy of this rule

Hello,

Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"

I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.

BTW:
this could be a smart question, don't know :)

stephenw10 · Jul 29, 2021, 3:48 PM

There is no official central management, yet. We are working on it though.

What sort of firewall rules are you adding?

One thing you can do it use URL aliases in rules and pull from a central source. Then you can just update a hosted txt file somewhere and all firewalls will pull in that change.

Steve

DaddyGo · Jul 29, 2021, 4:16 PM

@stephenw10 said in help with centralized control:

here is no official central management, yet.

I seriously feel like you're following me like a shadow, it's because you hate me or because you love me. hehehe.... :)
(don't get me wrong I respect your knowledge - yes I know this is a forum where everyone does what they do best)

Coming back to the question, this is a really smart question and could be a TODO.....

+++edit:

you were the first one to "like" me, several years ago when I wrote about DOCSIS modems , I thought we would be friends Stephen... ???

what has changed since,.... I've been a rude?

stephenw10 · Jul 29, 2021, 4:15 PM

Too much time on the forum

Central management is understandably an often requested feature and it's something we've been working on for some time. And are still working on it!

DaddyGo · Jul 29, 2021, 4:30 PM

@stephenw10 said in help with centralized control:

Central management is understandably - And are still working on it!

That's such an meaningless wording Stephen. (I know it's your jobs - excuse me - you used to be more informative)

I'll be honest lately, I'm sensitive nowadays, hahaha

I seriously think you're one of the best hardware guys out there, but you've changed your mentality recently, is something wrong lately?

Yes, yes everyone is suffering

KOM · Jul 29, 2021, 4:31 PM

@stephenw10 said in help with centralized control:

We are working on it though.

Not trying to be cheeky but I've heard that for the past 5-6 years now.

DaddyGo · Jul 29, 2021, 4:33 PM

@kom said in help with centralized control:

Not trying to be cheeky but I've heard that for the past 5-6 years now.

this is what I meant

next to my problems, hahahahah

stephenw10 · Jul 29, 2021, 4:58 PM

I'm saying it's understandable that people ask about central management. I've got enough devices just in my office here that I could use such a feature!

I am saying we are actively working on it and I know that because I have been testing features that will required for it.
It's a huge undertaking though and I can't give you any sort of ETA right now.

Steve

DaddyGo · Jul 29, 2021, 5:35 PM

@stephenw10 said in help with centralized control:

I'm saying

It's fine and we've done without it...

-I take advantage of the opportunity :) -SORRY because this is a forum and I feel bad...
I know I'm hysterical!!!

Nothing personal, what do you say?
When the guy (VAMike) attacked me yesterday or before, you were right next to him, hmmm.

There are other topics, where others are treated me properly...

Izaac a day ago @Izaac
@daddygo said in "pcscd PC/SC Smart Card Daemon" ?:

"it's not a good day for me"

Sorry to hear that. Hope things work out.

So I just wanted to let you know, because I didn't like the shouting and now I'm making it.

I'm finished and if you feel like it feel free to remove my post! :)

kapvcop · Jul 31, 2021, 3:48 PM

@daddygo said in help with centralized control:

Hello,
Well, there is only "HA conf." that can stay in sync, but it's a good question anyway(!), because there is no such thing like "pfS cluster with central MGMT"
I would say ,at every point, every FW (firewall) is unique, but there really can be a situation where you need to clone a system - pfs to pfs to pfs, etc.
BTW:
this could be a smart question, don't know :)

Hello, thank you, I agree with the point that each point must be unique, however, there are common policies when the company has distributed branches that all must comply with. Let's have the idea or the example that suddenly we are going to give permission so that they can use a ZOOM for a webinar and only for one day 50 branches should be given permission ... that's what I want to get to.