Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense backup - automated without Gold on Windows Only

    Off-Topic & Non-Support Discussion
    5
    5
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yodaphone
      last edited by

      Hi all

      not sure where to post this, but found a neat little command line tool for windows to backup pfsense config.xml. you can create Task Schedule based on this.

      https://github.com/KoenZomers/pfSenseBackup

      just download & unzip the file.

      run pfsensebackup.exe with these options

      pfSense Backup Tool v2.4.1 by Koen Zomers

      ERROR: No arguments provided

      Usage:
        pfSenseBackup.exe -u <username>-p <password>-s <serverip>[-v <pfsense version="">-o <filename>-usessl -norrd -nopackage]

      u: Username of the account to use to log on to pfSense
      p: Password of the account to use to log on to pfSense
      s: IP address or DNS name of the pfSense server
      v: PFSense version. Supported are 1.2, 2.0, 2.1, 2.2 and 2.3 (2.2 = default, optional)
      o: Folder or complete path where to store the backup file (optional)
      e: Have pfSense encrypt the backup using this password (optional) RECOMMENDED
      t: Timeout in seconds for pfSense to retrieve the backup (60 seconds = default, optional)
      usessl: if provided https will be used to connect to pfSense instead of http
      norrd: if provided no RRD statistics data will be included
      nopackage: if provided no package info data will be included
      silent: if provided no output will be shown

      Example:
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1:8000
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -usessl
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -o c:\backups -norrd
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -o c:\backups\pfsense.xml -norrd -nopackage
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -o "c:\my backups"
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -e "mypassword"
        pfsenseBackup.exe -u admin -p mypassword -s 192.168.0.1 -t 120

      Output:
        A timestamped file containing the backup will be created within this directory unless -o is being specified

      If you use SSL then make sure you use the -usessl flag otherwise you'll get this error

      Error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.</filename></pfsense></serverip></password></username>

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        I would not encourage anyone to pass their firewall credentials to a pre-compiled binary of any kind, especially one for windows.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • JeGrJ
          JeGr LAYER 8 Moderator
          last edited by

          Also if you need to run an .exe via Tasks anyway you could - without much effort - run an scp oder sftp client, that copies the config.xml from the config directory to the local drive (or any other config.xml file that is available via config history). As you could run this with a "normal" pfSense user that only needs ssh / shell usage and can run via SSH private keys, that feels like a safer variant of using some precompiled binary with your admin credentials. But that may be just me.

          Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

          If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

          1 Reply Last reply Reply Quote 0
          • M
            Mr. Jingles
            last edited by

            I tend to agree with both previous replies, even 'though I know Koen is a good guy :)

            6 and a half billion people know that they are stupid, agressive, lower life forms.

            1 Reply Last reply Reply Quote 0
            • D
              Diditbetter
              last edited by

              I love this but I do have a questions.

              This works great on our local network, but we have VPN's setup to other pfsense routers when i try to back them up I get this.

              pfSense Backup Tool v2.4.1 by Koen Zomers

              Connecting using protocol version 2.3
              Authenticating
              Requesting backup file
              Retrieving backup file
              No valid backup contents returned

              This is what I ran and the IP is going over ipsec VPN

              I:\pfsense\pfSenseBackup\pfSenseBackup2.4.1.exe -u admin -p removed -s 192.168.50.1 -v 2.3 -o I:\pfsense\backups\kron\

              I can access the IP via SSH and http over our VPN but the backup fails with "No valid backup contents returned" never seen this but never tried to backup over the PVN before.

              EDIT I also tried v2.4.2 and we are on pfsense 2.3.3-RELEASE-p1

              EDIT Number2: Never mind I found it in the readme go figure.

              2.4.2 - released February 22, 2017 - download - 10 kb

              There was a minor modification to the backup page in pfSense 2.3.3. Added support for 2.3.3 and made it the default version. So if you're on 2.3.3 you don't need to provide the -v flag. If you're still on 2.3 you need to provide the -v 2.3 still.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post