What software to manage multiple PFsense installations?

Networking & Firewalls
1

I’m new to PFsense & wondered if there’s a go-to software package that can monitor multiple PFsense boxes in one dashboard. eg. firmware updates, outages, stats & notifications etc.
Thanks!

2

Notifications can be done via e-mail, outages you will hear about it and firmware updates are feu ‘that’s a good thing’ so you can set aside a time for all your clients. I’m sure there are packages out there but i’m guessing a third party for connection or some other means of secure connection to homebase. Not sure you will need it as I find Pfsense very stable and like I said if there are issues you will be the first to know :slight_smile:

1 Like
3

pfsense can use Zabbix & Nagios for monitoring and for the firmware just look for the releases. pfsense does not have different firmware for different models like other firewall vendors.

3 Likes
4

I have six sites link with a mesh of VPN, and these are the things I have done to ease the management.

  • Extensive use of aliases for everything. (network ranges, ports groups, hosts)
  • Consistent nomenclature for aliases.
  • Alias synchronization. (manually but I plan to use the HA options)
  • I have bookmarks on the browser for all internal (VPN Addresses) and public addresses. (yes, my firewalls have open ports for administration on a public interface, but I only allow connections from one specific IP)
  • I have a rsyslog server that receives logs from all the firewalls.
  • I use static routes to connect to the switch on each site, and OSPF for routing inside the VPN mesh.
    When I add a new route, all the other firewalls get updated in a couple seconds.
  • Planning and network design, well defined network ranges and documentation. (I have a spreadsheet with all the information, ranges, interfaces IPs, ISPs contact numbers and services IDs.
3 Likes
5

I heard that netgate may be working on software that will manage pfsense deployments. This would be super useful in the enterprise.

1 Like
6

Nice setup! I’m slowly moving certain documentation over to a Draw.io network diagram, with a legend & IP’s etc etc listed close to devices / via an arrow. So far so good & the clients like the diagrams which is a bonus.