Backup and restore strategy (and meanwhile how to recover the encrypted file?)
-
I have a problem with a blocked remote firewall and I'm wondering if it's possible to recover it when I do the technical intervention.
The firewall is configured to save the encrypted configuration in the cloud.
If I install a new device, the machine will probably be different, but I still want to recover the configuration: users, names, alias, IP address, rules, some app config.
How do I get that file back? What is the best backup and restore strategy in general?
Also, is the backup file better to be created after every change or scheduled every "X" days?
-
If you have a note of the ACB key you can just enter that in the new firewall and, as long as the password is set the same, it will be able to fetch it and decrypt it.
Alternatively you can fetch the config on any pfSense install and download it from there.
If you don't have the ACB key we can usually find it if you have the NDI or the hint you set.
I personally prefer the backup after config changes option. It allows you to roll back specific changes or choose between multiple changes in one day which is normally what I'm doing.
Steve
-
@darkcorner We download the backup every time we make changes to a router, ours or a client’s. That way we have it to do a restore for an emergency replacement. Often we’ll save a copy on site there as well.
-
I apologize for the late response, but I had other more pressing issues to follow up on.
@stephenw10 said in Backup and restore strategy (and meanwhile how to recover the encrypted file?):
> Alternatively you can fetch the config on any pfSense install and download it from there.

I didn't get the hint.

> If you don't have the ACB key we can usually find it if you have the NDI or the hint you set.

And I didn't even understand this. What is NDI?
-
@darkcorner ACB is the auto config backup. If configured you can set ACB up again on the new install and download the config from Netgate ("in the cloud").
NDI = Netgate Device ID, shown on the dashboard.
-
Can we assume you don't have a note of the ACB key then?