Firewall
Security gateways and network distribution in one module. Manage rules, NAT, and VPN across OPNsense, pfSense, MikroTik, and OpenWrt, then push canonical VLANs to many controllers at once with drift detection and saga-style rollback.
Firewall management (OPNsense production-grade, pfSense, MikroTik, OpenWrt) plus absorbed gateway orchestration: canonical VLANs, drift detection, and multi-controller distribution. Rule CRUD and reorder, NAT, VPN (IPsec/OpenVPN/WireGuard) with stats, and IDS/IPS.

Firewall capabilities
Rules, NAT, and VPN
Create, reorder, and audit firewall rules; configure NAT; and manage IPsec, OpenVPN, and WireGuard tunnels with live stats.
IDS/IPS
Surface intrusion-detection alerts next to the rules that matter so signal and policy live in one place.
Canonical VLAN distribution
Define VLANs once and distribute them across multiple gateways and controllers. The orchestration view shows canonical VLANs, site role maps, and distributions.
Drift detection
Continuously compare on-device config against the intended canonical state and raise drift events when something changes out of band.
Brain and limb site roles
A site role map designates which gateway is authoritative (brain) and which follow (limb), so distribution always has a clear source of truth.
Brownfield import
An import wizard pulls existing config from a live gateway, so you can adopt a network you did not build from scratch.
This module drives the following vendor adapters. One typed API, one dashboard, regardless of who made the hardware.
See all 12 vendor adapters- OPNsense is the production-grade reference adapter. pfSense, MikroTik, and OpenWrt coverage varies by capability and is gated accordingly.
Explore other modules
All modules →See it running in your browser
Explore the full FreeSDN dashboard with realistic sample data, no signup, no backend. Then install it in minutes.