Installing ntopng v.5 on PFSense

Installing ntopng

If you currently have the ntopng package installed from the built-in repository, you will have to remove it first. Be sure to also delete any data left in /var/db/ntopng. Then follow the instructions here to install ntopng v.5 on your PFSense.

ntopng Config file

Adding interfaces

SSH into your PFSense and run ntopng -h to show all available interfaces. Add the ones you want to monitor (including any VLAN interfaces) to the config file:

-i=em0
-i=em1
-i=em1.10

Adding https port

To add the HTTPS port, replace -w with:

--http-port=3000
--https-port=3001

Change these to your desired ports, but DO NOT set them to anything that might already be in use on your PFSense. HTTP traffic will now automatically be redirected to HTTPS.

Use Community Edition

Add the community string to the end of the config file (this is not correct in the ntopng documentation):

--community=

Basic configuration

In order to get rid of any default nagging notifications you will have to configure the following at a minimum:

Set all internal interfaces to use MAC addresses as identifiers and set the interface DHCP ranges.

Go to https://10.10.10.1:3001/lua/if_stats.lua?page=config&ifid=1 (replace with the IP of your PFSense). Set all interfaces to use MAC addresses.

Go to https://10.10.10.1:3001/lua/if_stats.lua?page=dhcp&ifid=1 (replace with the IP of your PFSense). Set all DHCP ranges.

Use Let’s Encrypt certificates for ntopng

In Services > ACME > General settings make sure you have the “Write Certificates” checkbox ticked.

SSH into your PFSense and test copying the certificates manually:

cat /conf/acme/yourdomain.tld.all.pem /conf/acme/yourdomain.tld.fullchain > /usr/local/share/ntopng/httpdocs/ssl/ntopng-cert.pem

Then restart ntopng:

service ntopng restart

Script for auto-update

Create a shell script (requires nano to be installed; use vi otherwise):

nano /usr/local/etc/restart_ntopng.sh

Add the above commands to the script:

#!/bin/sh
cat /conf/acme/yourdomain.tld.all.pem /conf/acme/yourdomain.tld.fullchain > /usr/local/share/ntopng/httpdocs/ssl/ntopng-cert.pem
service ntopng restart

Make the script executable:

chmod 755 /usr/local/etc/restart_ntopng.sh

Go to Services > ACME > Certificates > yourdomain.tld and add the script as a Shell Command under the Action list.
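
A more defensive version of the renewal script, as an added example that is not part of the original guide: it assembles the combined PEM in a private temporary file and overwrites ntopng's certificate only when both a certificate and a private key are present, so an incomplete ACME write cannot replace a working certificate. The function name, the RESTART_CMD variable and the --run switch are assumptions for illustration; the paths and yourdomain.tld are the guide's placeholders.

```sh
#!/bin/sh
# Added example; install_ntopng_cert, RESTART_CMD and --run are assumed names.

# install_ntopng_cert SRC_DIR DOMAIN DEST
# Concatenates the two ACME files the guide uses and overwrites DEST only
# when the result contains both a certificate and a private key.
install_ntopng_cert() {
    src_dir=$1; domain=$2; dest=$3
    all_pem="$src_dir/$domain.all.pem"
    fullchain="$src_dir/$domain.fullchain"

    # Refuse to touch the live file if either input is missing or empty.
    for f in "$all_pem" "$fullchain"; do
        [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    done

    # The bundle holds the private key; mktemp creates the file mode 0600.
    tmp=$(mktemp "${TMPDIR:-/tmp}/ntopng-cert.XXXXXX") || return 1
    cat "$all_pem" "$fullchain" > "$tmp"

    if ! grep -q 'BEGIN CERTIFICATE' "$tmp" || ! grep -q 'PRIVATE KEY' "$tmp"; then
        echo "combined PEM lacks a certificate or key; keeping $dest" >&2
        rm -f "$tmp"
        return 1
    fi

    # Nothing changed since the last run: skip the copy and the restart.
    if cmp -s "$tmp" "$dest" 2>/dev/null; then
        rm -f "$tmp"
        return 0
    fi

    # cp onto an existing file keeps that file's owner and mode.
    cp "$tmp" "$dest" || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"
    ${RESTART_CMD:-service ntopng restart}
}

# Run against the guide's paths only when called with --run.
if [ "${1:-}" = "--run" ]; then
    install_ntopng_cert /conf/acme yourdomain.tld \
        /usr/local/share/ntopng/httpdocs/ssl/ntopng-cert.pem
fi
```

Saved as /usr/local/etc/restart_ntopng.sh, the ACME Shell Command would be that path followed by --run.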