The Smoothwall Support Team may request that you reinstall your centrally managed Smoothwall setup using the steps outlined in this article.
Step 1: Reinstall the nodes
Reinstall each node in this order:
- Parent node, or skip this step if it is working as expected.
- Child node.
Step 2: Link the nodes
Skip this step if your nodes are:
- Part of the same local network.
- Contactable over an already established VPN tunnel.
- Contactable over an already established MPLS network.
Otherwise, link your nodes using the method allowed by your organisation's network management and security policies.
Option 1: Use a VPN tunnel
Link your two or more Smoothwall Appliances using an IPSec tunnel.
Option 2: Use the WAN address
You may choose to use this option if you don’t have a licence for the Tunnel module, or the child node is behind a separate Firewall. You must lock down access to only the WAN address of the parent device, so you don’t leave access open to the internet.
Important
If a child node is behind an external third-party Firewall, set up Port forwarding in that Firewall for ports 222, 81, and 441 to direct traffic through the firewall to the LAN IP of the child Smoothwall.
- Find the WAN addresses of your parent and child nodes.
- Sign in to the child node.
- Go to Network > Settings > Address object manager and add a new address object with the WAN address of the parent node.
-
Add a Smoothwall access rule with these settings:
- Source IP: Add the parent's WAN address using the address object created in step 3.
- Inbound Interfaces: Select the WAN address of the child node.
- Services: SSH-Based Admin (222).
- Action: Accept.
Step 3: Set up central management
Complete the full process to set up central management and link the child and parent nodes again.