Managing Zenarmor Services on OPNsense

You can easily manage your Zenarmor services on the Dashboard page of Zenarmor by performing the tasks explained in this guide.

Viewing Services Status

You can view the status of the Zenarmor-related services on the Dashboard page of your OPNsense node. It provides all the critical system-level information you need to manage your Zenarmor NGFW. To manage the Zenarmor services, navigate to Zenarmor → Dashboard in your OPNsense web UI.

The following services are listed on Zenarmor Dashboard:

  • Engine

  • Reporting Database

  • Cloud Agent

  • Cloud Nodes Status

Figure 1. Services Status (Engine, Reporting DB, Cloud Agent)

You can check whether one of the services is running or not by viewing the related pane on the Dashboard page.

Engine Pane

In this pane, you can view and manage the core packet engine which does all the heavy lifting and packet processing. It provides Start/Stop and Restart buttons for the engine as well as Start on Boot control to set the engine daemon status on a system restart.

Figure 2. Engine Status Pane

The following status options are available for the Zenarmor packet engine:

  • Running
  • Stopped
  • Bypassed

The Engine Status pane provides the following details:

  • Status of the engine (Running/Stopped/Bypassed)

  • Installed engine version and installation time

  • Last update time and signature of the engine

Reporting Database

The Reporting Database pane shows the database status and provides Start/Stop/Restart buttons for the database, and a Start on boot option to allow the database to run after a system restart. The Reporting Database pane provides the following details:

  • Status of the reporting database (Running/Stopped)

  • Installed database type (Elasticsearch/MongoDB/SQLite)

Figure 3. Reporting Database Status Pane

Info: We highly recommend keeping the Elasticsearch database running at all times since it is the primary database used by Zenarmor.

Cloud Agent Pane

The Cloud Agent pane provides a Restart button and the following details:

  • Status of the cloud agent (Running/Stopped)

  • Installed agent version and installation time

Figure 4. Cloud Agent Pane

Cloud Nodes Status Pane

Cloud threat intelligence servers are used for querying real-time information on threat intelligence and web categorization. Web categorization and cloud threat intelligence data are queried in real time when a connection attempt is made through your network. This allows Zenarmor to respond to malware and malicious connections quickly. Two Cloud Reputation servers with the best response times are automatically selected and configured by the engine according to their network response times during the installation and/or initial configuration.

The Cloud Nodes Status pane provides detailed information about the following:

  • Node Name: Name of the cloud reputation server such as US-West, US-Central, US-East, Europe, Australia, Asia, etc.

  • Node Status: Availability of the server (UP/Down)

  • Success Rate: The connection (ICMP) success rate for the server (uptime percentage)

Figure 5. Cloud Nodes Status

Tip: If one of the nodes has an unhealthy status/connection, a healthy cloud threat intelligence server can be manually selected and configured by navigating to Zenarmor → Settings → Cloud Threat Intelligence.

Enabling Bypass Mode for Packet Engine

For troubleshooting purposes, the packet engine may be run in Bypass Mode. In this mode, the engine does not apply any security controls for traffic and simply passes it through on the protected interfaces. In bypass mode, Zenarmor operates like a dummy L2 bridge.

The Bypass Mode feature is useful when investigating incompatible network driver(s), troubleshooting a problem with the packet engine, or resolving issues with other system components such as netmap. If the problem still exists in bypass mode, the problem is not related to the packet engine. Rather, it may be a netmap or OS problem.

To enable Bypass mode, follow these steps:

  1. Hover your mouse over the Engine Pane. This will display engine management buttons on the pane.
  2. Click the Enter Bypass button. This will pop up a dialog box for confirmation.

Figure 6. Confirmation to Enter Bypass Mode

  3. Click the Enter Bypass button.

Figure 7. Engine is in Bypass Mode

To exit Bypass mode, follow these steps:

  1. Hover your mouse over the Engine pane. This will display engine management buttons on the pane.
  2. Click the Exit Bypass button. This will pop up a dialog box for confirmation.

Figure 8. Confirmation to Exit Bypass Mode

  3. Click the Exit Bypass button.
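
Because bypass mode passes traffic with no security controls, it is worth alerting when a firewall is left in it after troubleshooting. The following is an added example, not Zenarmor code: it audits a snapshot of the states the Dashboard panes show. The snapshot field names, the one-hour bypass window and the 90% success-rate threshold are assumptions, and collecting the snapshot is left to your own tooling.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample. Field names are hypothetical (not a Zenarmor API); the
# status values are the ones the Dashboard panes display.
SAMPLE = {
    "engine": {"status": "Bypassed", "start_on_boot": True,
               "bypass_seen_since": "2024-05-01T09:00:00+00:00"},
    "reporting_db": {"status": "Running", "start_on_boot": False},
    "cloud_agent": {"status": "Running"},
    "cloud_nodes": [
        {"name": "Europe", "status": "UP", "success_rate": 99.5},
        {"name": "US-East", "status": "Down", "success_rate": 41.0},
    ],
}


def audit(snap, now, max_bypass=timedelta(hours=1), min_success=90.0):
    """Return (severity, message) findings for one dashboard snapshot."""
    findings = []
    engine = snap["engine"]
    if engine["status"] == "Bypassed":
        # Bypass is a troubleshooting state: no security controls are applied.
        age = now - datetime.fromisoformat(engine["bypass_seen_since"])
        severity = "critical" if age > max_bypass else "warning"
        findings.append((severity, f"engine bypassed for {age}, traffic is not filtered"))
    elif engine["status"] != "Running":
        findings.append(("critical", f"engine is {engine['status']}"))
    for key in ("reporting_db", "cloud_agent"):
        if snap[key]["status"] != "Running":
            findings.append(("warning", f"{key} is {snap[key]['status']}"))
    # Start on boot exists for the engine and the reporting database only.
    for key in ("engine", "reporting_db"):
        if not snap[key]["start_on_boot"]:
            findings.append(("warning", f"{key} will not start after a reboot"))
    for node in snap["cloud_nodes"]:
        if node["status"] != "UP" or node["success_rate"] < min_success:
            findings.append(("warning", f"cloud node {node['name']} unhealthy "
                             f"({node['status']}, {node['success_rate']}%)"))
    return findings


if __name__ == "__main__":
    for severity, message in audit(SAMPLE, datetime.now(timezone.utc)):
        print(f"{severity.upper()}: {message}")
```
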

Start/Stop/Restart of a Service

You can start/stop/restart the Zenarmor-related services on the dashboard by following the next steps:

  1. Hover your mouse over the service pane where you want to change the status.

  2. To stop/start/restart one of the services, click the Stop/Start/Restart button in the service pane. This will pop up a dialog box for confirmation.

  3. Click the Stop/Start or Restart button in the dialog box for confirmation.

Enabling/Disabling Start on Boot

Start on boot allows the packet engine or the database to start running after the firewall has been rebooted.

You can enable/disable the Start on boot option by following the next steps:

  1. Hover your mouse over the service pane where you want to change the status.

  2. Click the Start on boot button in the service pane.