Migrating from Mini Computer with pfsense to 6100
-
Hello, I have a mini computer I use to run the latest version of pfsense CE software and I have just purchased a Netgate 6100. So, I'm wondering what is the best process to move to the 6100...
- Do I update my current pfsense mini computer to pfSense Plus
- Backup the configuration
- Setup 6100 with pfSense Plus and then bring in the new configuration file.
Or, what would be recommended?
-
@kevin-4 A pfsense+ 6100 will import your current CE config file just fine. All you have to do is assign the logical pfsense interfaces to the new physical NICs. The import wizard will help you there. If mistakes are made it’s easu to reassign interfaces again in the serial console - no need to start over.
-
J jimp moved this topic from Problems Installing or Upgrading pfSense Software on
-
Same thing for me I guess then?. Going from a PFSENSE+ Install on a Dell PC to a new NETGATE 3100 box. Is this quite a easy process "All you have to do is assign the logical pfsense interfaces to the new physical NICs. The import wizard will help you there."
Many Thanks Appreciated!
-
The 3100 has 3 NICs and a switch. If your existing install has 3 or fewer NICs then, yes, you can import the config directly and just re-assign the NICs.
If you have 4 or more interfaces you will need to reconfigure the 3100 switch and use VLANs to segregate one of the ports. We can assist you with that if you open a ticket though.Steve
-
@keyser When I try to use the configuration file to import the settings into the 6100, it doesn't recognize the old Vlan interfaces and I don't see a way to reassign them?
-
It's possible to do it at the gui but it's painful and easy to get wrong. If I was doing that I would edit the config file directly and swap out the interface names. I've done that thousands of times though. It's easy to typo it without the gui error checking.
If you open a ticket we can convert that config for you so it imports directly:
https://www.netgate.com/tac-support-requestSteve
-
@stephenw10 Thanks Steve, I don't have a complex home system, so rebuilding the firewall/network wouldn't be that big a deal.
Now that I have more ports than I need on the back of the Netgate, I may just do away with the switch I'm using to route the vlans and route them directly from the Netgate ports. That would be less hardware to worry about. Thoughts?
-
@kevin-4 Are you sure you are using the switch to route the VLAN’s? Since you have the VLANs defined in your pfSense config, I would assume your pfSense is routing for them (pfSense = default gateway on each subnet).
So if you are asking if you should drop VLANs, and just use physical interfaces instead, then sure - if you have enogh switchports.
-
@keyser Thanks, my terminology was not good. I use the switch(s) to allow access to the vlans via other devices, like wireless routers and switches which are in different locations of my home.
Thank you for your feedback! These forums are great.
-
I would not remove the switch if you have multiple devices on the same VLANs talking to each other. The 6100 ports are not a switch. If you have devices connected to them that need to be in the same subnet they would have to be bridged and that uses significant CPU cycles. An external switch can do that without loading the firewall.
Steve
