Duplicate firewall rules to other pfsense firewall

  • Hi

    I'm wondering if it is possible to only duplicate the firewall rules and aliases, but nothing else.

    I'm having 2 vmware servers each running one instance of pfsense.
    I would like the 2 firewalls to have the same rules and the same aliases list.
    I would need to find a way to only duplicate those 2 things. In this way I only have to configure 1 firewall and not 2.
    Is this possible?

  • Can you share your idea - why would you need a setup like this? If you share rules and aliases you probably have the same IPs on the interfaces, right?

  • I'll try to explain it a little bit better.

    We have 2 physical vmware ESX machines. At this moment we cannot afford a hardware machine to place it in front of the two machines.
    So the idea is to install a pfSense firewall on each box.
    There are also some virtual machines that can use the v-motion feature.
    For that reason the same rules need to be setup on both machines.
    Because I'm lazy I would like to only configure one machine and copy the settings to the other machine (if needed with some specific changes).

    I hope this clears up some things.

  • Nobody has an idea?

  • Try doing a backup of one, and then restore that backup to the other one.

  • That means that the firewall needs to be rebooted if there is a change.
    This isn't really what I want.

  • Any other ideas for this? Is there a single place where pfSense stores its firewall rules that could be copied over to another box via cron and ssh?

  • I found a manual way, through the manual backup; there you can choose the individual parts you want to back up and restore.
    Definitely not the best way, but it works.
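
Added example, not part of the thread and not pfSense project code: a sketch of the "copy only rules and aliases" idea, assuming the pfSense `config.xml` layout in which aliases sit under a top-level `<aliases>` element and rules under `<filter>`. The sample configs are constructed and the function names are hypothetical; the second function flags synced rules that name an interface the receiving box does not have.

```python
import copy
import xml.etree.ElementTree as ET

# Sections copied from the primary; interfaces, system, etc. stay local.
SYNC_SECTIONS = ("aliases", "filter")

# Constructed sample configs, trimmed to the elements used here.
PRIMARY = """<pfsense>
  <system><hostname>fw1</hostname></system>
  <interfaces><wan/><lan><ipaddr>10.0.1.1</ipaddr></lan><opt1/></interfaces>
  <aliases>
    <alias><name>web_servers</name><type>host</type><address>10.0.1.10 10.0.1.11</address></alias>
  </aliases>
  <filter>
    <rule><type>pass</type><interface>opt1</interface><protocol>tcp</protocol>
      <destination><address>web_servers</address><port>443</port></destination></rule>
  </filter>
</pfsense>"""
SECONDARY = """<pfsense>
  <system><hostname>fw2</hostname></system>
  <interfaces><wan/><lan><ipaddr>10.0.2.1</ipaddr></lan></interfaces>
  <aliases/>
  <filter><rule><type>pass</type><interface>lan</interface></rule></filter>
</pfsense>"""

def sync_sections(source_xml, target_xml, sections=SYNC_SECTIONS):
    """Return target_xml with the named top-level sections taken from source_xml."""
    source, target = ET.fromstring(source_xml), ET.fromstring(target_xml)
    for name in sections:
        src = source.find(name)
        if src is None:
            raise ValueError(f"source config has no <{name}> section")
        old = target.find(name)
        if old is None:
            target.append(copy.deepcopy(src))
        else:  # replace in place so the section keeps its position
            idx = list(target).index(old)
            target.remove(old)
            target.insert(idx, copy.deepcopy(src))
    return ET.tostring(target, encoding="unicode")

def unknown_interfaces(config_xml):
    """Interfaces named by rules but not defined in this config."""
    root = ET.fromstring(config_xml)
    defined = {child.tag for child in root.find("interfaces")}
    used = {i for r in root.iter("rule")
            for i in (r.findtext("interface") or "").split(",") if i}
    return sorted(used - defined)

if __name__ == "__main__":
    merged = sync_sections(PRIMARY, SECONDARY)
    print(merged)
    print("rules reference undefined interfaces:", unknown_interfaces(merged))
```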