Page 1 of 2

Firewall Information Not Populated

Posted: Mon Oct 24, 2022 8:05 pm
by ckatri
I am having difficulty adding a firewall and a few questions.
1. How do I get the firewall information to be fetched? I can't get it to show as green
2. Is the information queried from an automate agent on the same network? Or does the webCfg UI have to be open for a server to access.
3. I was able at one point to get the plugin to query the API for information, which I saw in the pfsense logs, but then it stopped after a few minutes and never showed in the plugin.

Thank you,
Cameron

Re: Firewall Information Not Populated

Posted: Tue Oct 25, 2022 1:34 pm
by Cubert
I would start with a solid read here,

https://github.com/jaredhendrickson13/pfsense-api

It talks about login security, and how the API reacts. It talks about what happens with updates and upgrades and it will help assist in confirming that your API settings are working. It will show you how PFsense logs access so you can see if agents are being rejected.


Once our plugin can authenticate and make the first queries the dot should go green. (unless API is out of date)

You can use tools like POSTMAN to query your API directly to see if it is working as expected.

Re: Firewall Information Not Populated

Posted: Wed Oct 26, 2022 1:02 pm
by ckatri
I have read all that, and confirmed that the API is working correctly, I am able to query it manually with curl with the login information I provided to the plugin.

Re: Firewall Information Not Populated

Posted: Wed Oct 26, 2022 1:21 pm
by Cubert
Very good, That's has to be working before anything else will operate.

So now that you enabled a firewall, When enabled a scan is preformed by a Windows agent at the location where device is located. This agent is selected by looking for the most resent online agent with the highest Windows version. The scan takes a minute to complete and returns a XML Backup of the device along with its current configuration data as displayed in the plugin.

So we need to force a scan and look for the agent being used under that location. It will be a agent with the highest OS versions and is picked at random, being on line. That agent will have script logs that will show the script "PFSense Manager Maintenance" running different commands on agent and the returns. We need to see what the agent is reporting back during probe.

To find out what agent is being used at any given location, look to the server logs for the plugin on the Automate Host.

C:\Program Files\LabTech\Logs\plugin_pfsensemanager.txt

Look for line entries like this:
PFSense Manager using agent [Agent ID] to service [Firewall IP] device"

Also review this log for errors and any abnormalities.

Post these script, command and server logs up here and I will review them to see what may be causing the issues.

Re: Firewall Information Not Populated

Posted: Wed Oct 26, 2022 4:28 pm
by ckatri
I just checked and it seems to have worked for population the information but I am not seeing a backup. I also seem to have found part of the issue: the agent it is choosing at random is a laptop that is not actually on the network. Is it possible at all to manually select an agent? We have some computers that are guaranteed to be available, so it would be ideal if we could hardcode it to always use one of those.

Re: Firewall Information Not Populated

Posted: Thu Oct 27, 2022 1:18 pm
by Cubert
Not currently but I could look to add in a agent selection list to the add firewall button so you could select what agent to run scans against.

Re: Firewall Information Not Populated

Posted: Fri Nov 11, 2022 8:18 pm
by ckatri
That would be very useful.

Re: Firewall Information Not Populated

Posted: Mon Nov 28, 2022 3:06 pm
by ckatri
Hey, what is the status on this? This feature is necessary for this plugin to be of any use to us.

Re: Firewall Information Not Populated

Posted: Mon Nov 28, 2022 6:36 pm
by Cubert
Sorry for the late reply, was out on holiday.

As for your request, we have added it to the code base and it is available in build 2.0.0.2 available here

Build 2.0.0.2

What's new:
You now have 2 new items in menu. Manage what agents are used at what locations and a client scan button to allow you to force a scan now.


menu2.0.png
menu2.0.png (8.42 KiB) Viewed 3921 times


The set Location and agent menu item will bring you to a control that will allow you to select any location for client then any agent under that location.


location-agent.png
location-agent.png (17.87 KiB) Viewed 3921 times

Re: Firewall Information Not Populated

Posted: Mon Nov 28, 2022 8:14 pm
by ckatri
Thank you, I was just checking it out, two notes:
1. The new "scan client firewall" does not seem to work
2. the execute command does not respect the new agent selection