What Software for SG-3100

toto850

Could someone advise if I am allowed to run pfSense CE software
(Ver 2.7.2 )on Netgate SG-3100, this is due to the fact I need to test a few configuration before implementing the same config file to Production.

If the answer is yes is it a simple case of installing 2.7.2 using the USB Interface?

At the same time I would like to know could I be able to revert back to pfSense Plus software (Ver 24.03) by downloading and loading it by way of USB Interface again.

Regards
T

mcury

@toto850 Unfortunately you can't, SG-3100 is ARM and there isn't a CE edition for ARM devices, at least yet.
I would do it in a lab environment, have you tried GNS3 ?

toto850

@mcury many thanks for quick response, it is more than network topology I need to test or check where the production firewall is based on CE software so I need to simulate that system in sg-3100 then once it is proven it works I was planning to apply it in the Production system.

mcury

@toto850 It's currently not possible to run CE on ARM devices such as the SG-3100.
I have a GNS3 lab environment here that I'm using to test things before deploying , you can do almost anything with it, didn't find yet an use case that GNS3 can't emulate for pfSense.

Also, SG-3100 has a builtin switch that as far as I know, the CE version of pfSense doesn't support, so there is that also.

At the same time I would like to know could I be able to revert back to pfSense Plus software (Ver 24.03) by downloading and loading it by way of USB Interface again.

If you need to reinstall, just open a ticket with Netgate and request the firmware, its free.
https://www.netgate.com/tac-support-request

stephenw10

If the prod firewall is running CE it's not a 3100, or any other device with a switch, so it would be better to test on some other x86 machine. Even if that's a VM.

toto850

@stephenw10 it looks like I take your proposal, as the Production system is seating within VmWare at present I would do just that.

My only query at start was as I have sg-3100 round seating on my desk not been used, I thought I can do that.

Once again, everyone thank you so much for your advise and guide.

Regards

T

SteveITS

@toto850 You can restore from the same or older config file version to newer:
https://docs.netgate.com/pfsense/en/latest/backup/restore-different-version.html

So in theory you could restore from 24.03 to CE 2.7.2 or later.

The 3100 can run 24.03 but is missing a few packages. Or you can run 23.09.

I don't think Netgate has said whether 24.08 will run on a 3100 but I would not expect it to.

stephenw10

It does currently but there are some additional limitations. It won't support the MIM stuff for example.

[24.08-DEVELOPMENT][admin@fw1.stevew.lan]/root: uname -a
FreeBSD fw1.stevew.lan 15.0-CURRENT FreeBSD 15.0-CURRENT #0 plus-devel-main-n256392-adc64f2776e: Thu Sep 26 20:04:12 UTC 2024     root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/obj/armv7/RY73AP1f/var/jenkins/workspace/pfSense-Plus-snapshots-master-main/sources/FreeBSD-src-plus-devel-main/arm.armv7/sys/pfSense-3100 arm

At some point it will become very difficult or impossible to maintain the 32bit arm tree for just that device.

michmoor

@stephenw10 Will the SG1100 support MIM ?

stephenw10

@michmoor said in What Software for SG-3100:

Will the SG1100 support MIM ?

Yes. And the 2100. It builds for aarch64 just not armv7.