Note: This topic applies to the Inverness Release.
A centrally managed Smoothwall is comprised of an instance of a Smoothwall product running as a parent node and one or more compatible Smoothwall products running as child nodes, being managed by the parent node.
A centrally managed Smoothwall can be used in either:
|||A load balancing configuration, for example, for large enterprise networks|
|||A configuration replication environment, for example, in a "head office and branches" network where all Smoothwall nodes must have the same behavior|
|||A status monitoring configuration, where the parent node just monitors the status of all children nodes, and advises when to install updates and releases|
Before you start to set up a centrally managed Smoothwall:
|||Check that all the Smoothwall appliances you intend to include in the system have the latest updates applied. For more information, see Updating the Smoothwall.|
|||Check that you have administrator access to all of the appliances you want to include in the system.|
|||Check that there is network access from the parent node to the appliances that are child nodes in the system.|
The parent node can be used to manage all child nodes in the configuration.
|1.||Log in to the instance of Smoothwall you want to function as the parent node.|
|2.||Go to System > Central management > Settings.|
|3.||From the Local node options section, select Parent from Node role.|
|4.||Additional configuration is made available:|
|•||Central management options > Node identification|
This determines how nodes are identified for redirection purposes:
Use individual node settings — Allows each individual node to use their own IP address or hostname.
All nodes use the hostname <
hostname> — The hostname specified here is used instead of the individual node's hostname for redirected requests. This overrides the hostname set on the System > Preferences > Hostname page (see Changing the System Hostname).
|•||Manage central management keys|
Every child node in the same cluster must have the central management key from the parent installed.
Click the Download button to download the key in PEM format. Save the key in a secure, accessible location for distribution to the child nodes.
For a detailed description of how to install the key in the child nodes, see Changing a Node to be a Child Node.
Every child node in a centrally managed Smoothwall must have a central management key installed and SSH enabled.
|1.||From the appliance you want to add as a child node, go to System > Central management > Settings.|
|2.||From the Local node options panel, select a Node role of Child.|
|3.||To upload the central management key downloaded from the parent node (see Configuring the Parent Node), click Choose File from the Manage central management keys section.|
|4.||Locate and open the relevant key.|
Note: If you are re-configuring a child node to be the child of a new parent, reboot the child node to apply the changes.
|6.||Ensure SSH is enabled on the System > Administration > Admin options page.|
|7.||Add the child node details to the System > Central management > Child nodes page — see Adding Child Nodes to the Parent Node.|
|8.||Repeat the above on any other appliances you want to use as child nodes.|
From time-to-time, you may need to work on a child node without the replication settings being applied by the parent. You can do this by disconnecting the child node locally.
|1.||From the node you want to disconnect, go to System > Central management > Settings.|
|2.||In the Local node options section, select Disable and click Save.|
Note: From the parent node, nodes that have been disabled locally are listed as
Node uncontactable on the System > Central management > Overview page.