Recommended Agent: On-Premises
Supported Agents: On-Premises or Self-Hosted
Is Auto-Discovered By: N/A
Can Auto-Discover: N/A
Parent/Child Type Inspector: No
Inspection via: SSH
Data Summary: Here
Video isn't playing? Click here.
Before starting with the Inspector setup, we will need to configure the pfSense device such that a Liongard Agent can access it via SSH and login with a valid username and password or SSH key.
- Create a Liongard Service Account with read-only Admin permissions and either a password or SSH key that can be entered into Liongard for authentication purposes.
- Ensure that SSH access is enabled on the device and for the particular user that Liongard will use to login.
- Use (or setup) an On-Premises Agent inside the firewall (the recommended approach) or configure the firewall such that the SSH interface can be reached from a Self-Hosted Agent in your Datacenter.
In Liongard, navigate to Admin > Inspectors > Navigate to the pfSense Inspector > Select Add System.
Fill in the following information:
- Environment: Select the Environment this System Inspector should be associated to
- Friendly Name: Suggested "pfSense [Environment Name]"
- Agent: Select the On-premises Agent installed for this Environment (recommended) or Self-Hosted Agent
- Inspector Version: Latest
- IP/Hostname: The IP address or hostname (resolvable from the Agent machine) of the pfSense device
- SSH Port: SSH port reachable from the Agent machine
- SSH Username: Username on the pfSense device for use by the Inspector
- SSH Password or SSH Private Key: The password or SSH key associated with the above Username
- SSH Passphrase for Private Key: (IF CONFIGURED) SSH key passphrase, if using a private key with a passphrase
- Scheduling: The Inspector will default to run once a day at the time the Inspector is set up. Here you can adjust the schedule
Select Save. The Inspector will now be triggered to run within the minute.
If you would like this Inspector's data to be sent to ConnectWise and/or IT Glue, turn on Flexible Assets/Configurations for this Inspector:
- ConnectWise: Admin > Integrations > ConnectWise > Configuration Types > Confirm the "Configuration Auto-Updating" toggle is enabled
- IT Glue: Admin > Integrations > IT Glue > Flexible Assets > Confirm the "Flexible Asset Auto-Updating" toggle is enabled
For more information, please watch our How To video
To import pfSense Inspectors via CSV Import, navigate to Admin > Inspectors > pfSense > Select the down arrow icon in the top right-hand to Download CSV Import Template.
In the CSV Template, each row, starting on row three, will represent an Inspector. Fill in the following information for each Inspector you want to roll out:
- Agent.Name: This column is case sensitive. Copy and paste the associated Agent name from the Admin > Agents screen
- Inspector.Name: Enter "pfsense-inspector"
- Environment.Name: This column is case sensitive. Copy and paste the associated Environment name from the Dashboard screen
- Alias: Enter the Desired Friendly Name
- Config.SSH_HOST: Enter the IP address or hostname (resolvable from the Agent machine) of the pfSense device
- SecureConfig.SSH_PORT: Enter the SSH port (resolvable from the Agent machine)
- SecureConfig.SSH_USER: Enter the username on the pfSense device for use by the Inspector
- SecureConfig.SSH_PASSWORD: (If you created a Private Key, then leave this field empty) Enter the password associated with the above Username
- SecureConfig.SSH_PRIVATE_KEY: (If you did NOT create a Private Key, then leave this field empty) Enter the SSH key associated with the above Username
- SecureConfig.SSH_PASSPHRASE: (If you did NOT create a Private Key, then leave this field empty) Enter the SSH key passphrase
- FreqType: Enter "days"
- FreqInterval: Enter "1"
When ready to Import the CSV Template of Inspectors, navigate to Admin > Inspectors > pfSense > Select the up arrow icon in the top right-hand to Import CSV > Select your saved template.
After the successful import notification, reload your browser to find your imported Inspectors.
These Inspectors will automatically trigger themselves to run within a minute.
Updated 3 months ago