Messages

1

Hardware and Performance / Re: Turnkey hardware

« on: January 26, 2021, 07:51:39 pm »

It depends. 

It depends on how many and how complex rules you have at firewall and IDS level. I would expect that the small Protectli has enough power to run your load. Maybe Sensei could be too much. Give it a try.

Thank you, yes it does depend I should have put more detail in, I am going to be testing it. This would mainly be targeting small businesses of 5 or 6 users and maybe 20 to 25 IP devices. I also need to test if the free version of Sensei gives me much benefit over the built in IDS. (I don't have any experience with Sensei yet)

2

Hardware and Performance / Turnkey hardware

« on: January 26, 2021, 03:35:49 pm »

I'm looking at moving my clients from pfsense to OPNsense. In the past I have been using the Protectli boxes with the intel E3845 and 8GB ram 120GB Drive. Is this adequate to use for an average of 300 meg down/30 up. With some mobile VPN.

It would be running OPNsense, IDS and Sensei for sure. I'm just looking for the best turnkey hardware solution. I've been very happy with the Protectli E3845 boxes so if that has enough power I would just stick with them, otherwise I am happy to look at other other options or bump up to the i3 if I need to.

3

General Discussion / Re: Central management

« on: January 19, 2021, 09:39:01 pm »

We are managing more than 50+ OPNsense here, all around the world

So we have developped:
  - a central management solution (cloud)
  - a plugin (with some API extensions)
  - a Zabbix template

So with this, OPNSense is provisionned from our CMS:
  - custom settings (hostname, dns, plugins...)
  - authentication
  - firewall rules
  - autossh service to an "hub" for dynamic IP/restricted WAN, and tunneling for GUI access
  - full supervision by Zabbix (including running services)
  - configuration/status (DHCP leases) access directly from our CMS
  - remote upgrade, with scheduling
  - alerts by email / slack : gateway status, services...
  - daily XML backuping

This solution is currently oriented for our usage, but we can easily extend it.
You can contact us if you are interested!

I would be interested in learning more about this. Sent you a PM

4

General Discussion / Re: Central management

« on: January 19, 2021, 07:24:53 pm »

Do I need one license per OPNsense or is one license enough for all of my OPNsense boxes?

Business edition for all managed devices.


Cheers,
Franco

Just to clarify because I am not clear. If I have 5 OPNsense boxes I want to centrally managed. Do I need 5 Business licenses or 1 business license?

5

General Discussion / Central management

« on: January 19, 2021, 03:51:38 am »

I'm a small MSP with alot of smaller clients that do not have static IP addresses. I use unifi for wireless but have been using pfsense for firewalls and just now checking out Opnsense. The issue I run into with pfsense is the lack of central management like unifi has. My customers often have static IP addresses and I am often in different locations and different IP's as well. Is there or are there any plans for a centralized management system for Opnsense, either cloud hosted or self hosted would be fine.