Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Configure new SG-2100 from local backup

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 244 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      detox
      last edited by

      Hello All!

      I have 10+ SG2100's I need to configure for deployment. Each will have the same configuration except for the LAN Net settings.

      I'd like to create a local backup of the first appliance and use this backup to install on the other new SG-2100's instead of configuring everything on each one.
      Is this possible / acceptable?
      If so, it would save me a bunch of time. Once I corrected the LAN settings I can then do an Auto-save to cloud for re-installs if needed.

      Bottom line - - I do not want to spend the time to hit all the settings / confguring / installing of plugins etc for each one.

      Thanks for any suggestions.

      S JeGrJ 2 Replies Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @detox
        last edited by

        @detox The short answer is yes.

        Since it will restore passwords, keys, CAs, etc. you may wish to restore parts of the config file, or change the above afterwards:
        https://docs.netgate.com/pfsense/en/latest/backup/restore.html#restore-options

        I don't think that can restore package data though.

        https://docs.netgate.com/pfsense/en/latest/recipes/changing-credentials.html

        For just a quick restore the ECL doesn't require a login:
        https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.html#restore-using-the-external-configuration-locator-ecl

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        1 Reply Last reply Reply Quote 1
        • JeGrJ
          JeGr LAYER 8 Moderator @detox
          last edited by

          @detox You can do that, yes, but you should perhaps remove the SSH Host Keys or stuff that is -or should be- host specific from the XML.

          So I'd recommend making a quick checklist what you have to change (e.g. admin PW should really change on the boxes), then backup, remove one or two things from the XML and use it for bringing those other boxes up and work your checklist to change passwords and stuff while also doing the next box.

          We had such a prod-line at some point and it worked quite well. If you prepare a FAT32 USB Stick with the XML file, you can use that one to boot up the other boxes and the config will get loaded while booting when the stick is recognized by the PFI/config loader. So you even save on the "login, restore config, reboot" step.

          Cheers

          Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

          If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

          1 Reply Last reply Reply Quote 1
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.