• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Configuring Pfsense via ssh

Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
10 Posts 4 Posters 7.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • U
    userkiller
    last edited by Feb 17, 2015, 3:28 PM Jan 27, 2015, 4:25 PM

    I want to know how i can completely configured my pfsense box via ssh. I want to create a JavaScript form that will asked for the type of configuration like defaults port, rules , lan1 IP, enable DHCP and so on .

    The initial requirement is to have a wan IP on the firewall and  password, so I can ssh into it and run the configurations. basically I will have a dummy backup file where the configurations setting will be stored and it will be restored into the firewall.

    Or if there's a way I can just edit the conf/config.xml on a freshly installed pfsense so I can configure my settings from there and then restore it into the firewall?

    Thanks

    1 Reply Last reply Reply Quote 0
    • U
      userkiller
      last edited by Feb 17, 2015, 3:12 PM

      bump, can anyone help me out.

      1 Reply Last reply Reply Quote 0
      • D
        dotdash
        last edited by Feb 17, 2015, 4:24 PM

        There is a menu that lets you assign the lan IP, enable dhcp, etc. Other things such as restoring a config can be done via the dev shell. I understand the desire for more cli based control, but don't know why you'd bring javascript into it. If you just want to restore an edited config, why not do it via the gui?

        1 Reply Last reply Reply Quote 0
        • H
          heper
          last edited by Feb 17, 2015, 4:58 PM

          you can scp a config.xml to the right location, then reboot the firewall. (/conf/config.xml)
          to be on the safe side, you might wish to rm /tmp/config.cache to wipe the cache if there is one.

          there might be issue's when you move the config to a device with different NIC's …. the webgui restore function will prompt to reassign the interfaces ; when you manually drop a new xml this (might) not happen.

          1 Reply Last reply Reply Quote 0
          • U
            userkiller
            last edited by Feb 17, 2015, 5:29 PM Feb 17, 2015, 5:17 PM

            Thanks for the reply guys, I'm trying to build a platform that will automatically configured the servers, along with the firewall automatically based on the users input.

            And in order to scp i would need a default IP for Pfsense? and regarding to the NIC issued is there a way to go around it, I would to doing this type of installation on different types of firewall(vendors) running Pfsense.
            This is my senior project, so any help will be highly appreciate it.

            1 Reply Last reply Reply Quote 0
            • G
              Gertjan
              last edited by Feb 18, 2015, 1:00 AM

              Setup up pfSense with the SSH access ?
              Why not.

              Hard core question => hard core answer.

              Enter SSH.
              Type this command

              viconfig
              

              Now, yo have FULL control - even more as what the GUI offers you.

              Or, of course, you could rewrite the entire PHP GUI in Javascript ….
              Well .... you will be right. That will kill a user  ;)

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • U
                userkiller
                last edited by Feb 18, 2015, 12:31 PM

                Thanks I will try it out, and no I don't want to reinvent the wheel. I just want to make a cluster installation quicker and less technical.

                1 Reply Last reply Reply Quote 0
                • U
                  userkiller
                  last edited by Feb 18, 2015, 12:34 PM

                  @Gertjan:

                  Setup up pfSense with the SSH access ?
                  Why not.

                  Hard core question => hard core answer.

                  Enter SSH.
                  Type this command

                  viconfig
                  

                  Now, yo have FULL control - even more as what the GUI offers you.

                  Or, of course, you could rewrite the entire PHP GUI in Javascript ….
                  Well .... you will be right. That will kill a user  ;)

                  One more thing so I would still need to enable SSH, assign an IP on WAN, and configured the firewall to allow SSH in order for me to be able to do this.

                  1 Reply Last reply Reply Quote 0
                  • G
                    Gertjan
                    last edited by Feb 18, 2015, 3:26 PM

                    If you want to:
                    @userkiller:

                    I want to know how i can completely configured my pfsense box via ssh.

                    then, yes, somehow your SSH port needs to be accessible from 'somewhere'.

                    O….. assign an IP on WAN, and configured the firewall to allow SSH in order for me to be able to do this.

                    Accessing SSH from WAN is possible - but isn't done.
                    Its like introducing a huge security risk.

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    1 Reply Last reply Reply Quote 0
                    • U
                      userkiller
                      last edited by Feb 18, 2015, 7:59 PM

                      I can do it from lan, it doesn't matter since the configuration is being done locally.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                        [[user:consent.lead]]
                        [[user:consent.not_received]]