Set up nodes managed centrally by the parent

A centrally managed Smoothwall setup includes a Smoothwall Appliance running as a parent node and one or more Smoothwall child node Appliances managed by the parent. You can use this setup to standardise configuration across all nodes or have the parent monitor child nodes for updates and reporting.

Before you begin

• Ensure all nodes are updated to the same level. We recommend updating to the latest release where possible.
• Ensure you have Administrator access to all parent and child nodes.
• Ensure there is network access from the parent node to the child nodes:
• Ensure the ICMP ping checkbox in Network Settings > Block and ignore is clear.
• Ensure any Firewall between the parent and child nodes is not blocking ICMP ping traffic.
• Turn on SSH on the parent and all child nodes.
• Ensure you have a Smoothwall access rule to Accept traffic for SSH-based admin (222) on the parent and all child nodes.
• If you use the same directory across multiple sites and want to share the authentication status of users between Smoothwall Appliances, enter the IP addresses of your other Smoothwall Appliances on the Services > Authentication > Settings page.

1: Set up the parent node

1. Sign in to the Smoothwall that will be the parent node.
2. Go to System > Central management > Settings.
3. The Node role determines how this Smoothwall is used. Select Parent.
4. The Node identification method determines how each child node is identified:
• Use individual node settings: Keep this selected to allow each individual node to use its own IP address or hostname.
• All nodes use the hostname: Select this option to enter a specific hostname instead of the individual node's hostname for redirect requests. This overrides the Smoothwall Appliance hostname.
5. In the Manage central management keys section, select Download.
6. Select Save.
7. Sign out of the parent node.

2: Set up the child node

1. Sign in to a Smoothwall that will be a child node.
2. Go to System > Central management > Settings.
3. For Node role, select Child.
4. To import the Parent’s key, select Choose file.
5. Find the file.
6. Select Save.
7. Reboot the child node.
8. Sign out of the child node.
9. Repeat for each child node.

3: Link the child node and parent node

1. Sign in to the Smoothwall that will be the parent node.
2. Go to System > Central management > Child nodes.
3. Select the Add node link.
4. In the Node details section:
1. Enter a unique Node name.

     Note

   Using the name of an existing child node overwrites that node.

2. Enter the IP/hostname.
3. (Optional) Enter a comment.
5. In the Node settings section:
1. Select the Replication profile (the Archive Profile) from the drop-down. This will determine the settings on the child node.
• Service objects and service object groups are replicated to the child nodes with ’Replicated:’ prepended to the name. Service objects already on the child nodes remain unchanged.
• Other objects (if selected in the Replication Profile) are replicated, but with no name change.
2. Ensure the Central logging checkbox is selected to send user data from the child node to the parent node. Clear this checkbox to only report on this data from the child node.
3. Ensure the Allow parent to monitor status checkbox is selected to see if the node is up from the Central management > Overview page on the parent node.
4. Ensure the Allow information sharing checkbox is selected to send data from the child node to the parent node for user sign-ins and quota usage.
6. Ensure the Enable node checkbox is selected.
7. Select Confirm.
8. On the next page, select Save.

Next steps

See Manage and monitor child nodes to:

• Reboot or refresh a node after updating.
• Disconnect and reconnect a node to temporarily stop the parent from applying replication settings.
• Remove a child node from central management.