Set up nodes managed centrally by the parent

A centrally managed Smoothwall setup includes a Smoothwall running as a ‘parent’ node and one or more Smoothwall ‘child’ nodes managed by the parent. You can use this setup to standardise configuration across all nodes or have the parent monitor child nodes for updates and reporting.

Before you begin

• Ensure all nodes are updated to the same level. We recommend updating to the latest release where possible.
• Ensure you have Administrator access to all parent and child nodes.
• Check there is network access from the parent node to the child nodes:
  
  • Go to Network > Settings > Advanced and ensure the ICMP ping checkbox in Networking features > Block and ignore is not selected.
  • Ensure any firewalls between the parent and child nodes are not blocking ICMP ping traffic.
• Turn on SSH on the parent and all child nodes.
• Ensure you have a Smoothwall access rule to Accept traffic for SSH-based admin (222) on the parent and all child nodes.
• If you use the same directory across multiple sites and want to share the authentication status of users between Smoothwall Appliances, enter the IP addresses of your other Smoothwall Appliances on the Services > Authentication > Settings page.

Set up central management

Step 1: Set up the parent node

1. Sign in to the Smoothwall that will be the parent node.
2. Go to System > Central management > Settings.
3. The Node role determines how this Smoothwall is used. Select Parent.
4. The Node identification method determines how each child node is identified:
   
   • Use individual node settings: Keep this selected to allow each individual node to use its own IP address or hostname.
   • All nodes use the hostname: Select this option to enter a specific hostname instead of the individual node's hostname for redirect requests. This overrides the hostname in System > Preferences > Hostname.
5. In the Manage central management keys section, select Download.
6. Select Save.
7. Sign out of the parent node.

Step 2: Set up the child node

1. Sign in to a Smoothwall that will be a child node.
2. Go to System > Central management > Settings.
3. For Node role, select Child.
4. To import the Parent’s key, select Choose file.
5. Find the file.
6. Select Save.
7. Reboot the child node.
8. Sign out of the child node.
9. Repeat for each child node.

Step 3: Link the child node and parent node

1. Sign in to the Smoothwall that will be the parent node.
2. Go to System > Central management > Child nodes.
3. Select the Add node link.
4. In the Node details section:
   
   • Enter a unique Node name.
     

       Note

     Using the name of an existing child node overwrites that node.

   • Enter the IP/hostname.
   • (Optional) Enter a comment.
5. In the Node settings section:
   
   • Select the Replication profile (the Archive profile) from the drop-down. This will determine the settings on the child node.
     
     • Service objects and service object groups are replicated to the child nodes with ’Replicated:’ prepended to the name. Service objects already on the child nodes remain unchanged.
     • Other objects (if selected in the Replication Profile) are replicated, but with no name change.
   • Ensure the Central logging checkbox is selected to send user data from the child node to the parent node. Deselect this checkbox to only report on this data from the child node.
   • Ensure the Allow parent to monitor status checkbox is selected to see if the node is up from the Central management > Overview page on the parent node.
   • Ensure the Allow information sharing checkbox is selected to send data from the child node to the parent node for user sign-ins and quota usage.
6. Ensure the Enable node checkbox is selected.
7. Select Confirm.
8. On the next page, select Save.

Monitor your nodes

Check node statuses

You can monitor your child nodes from the System > Central management > Overview page on the parent node. Review the Status column:

• Green tick: The node is functioning.
• Red cross: The node needs immediate attention.
• Orange exclamation mark: Check the node for potential problems.

Select the Status text to open the node’s details page.

Reboot or refresh a node

You may need to reboot a node after updating the node. You can also reboot the Smoothwall you are signed into from the Shutdown page.

1. Go to System > Central management > Overview.
2. Select the Status for the node you want to reboot or refresh.
3. Select Refresh node to check for new updates.
4. Select Reboot node to restart the node:
   
   • Select Now to immediately update the node.
   • Select Later and select the time from the drop-down to update later.
     

       Note

     If the scheduled time has passed today, the update will occur tomorrow at the selected time.

5. Select Schedule reboot.

Disconnect and reconnect a node

To temporarily stop the parent from applying replication settings to a child node, disconnect the child node.

1. Sign in to the child node.
2. Go to System > Central management > Settings.
3. Change Node role to Disabled (not centrally managed).
4. Select Save.
5. Make the required changes to the child node.
   

     Tip

   While disconnected, the child node will say Node not contactable on the parent node’s System > Central management > Overview page.

6. Change the Node Role back to Child.
7. Select Save.