Can't Restore ipsec config from 2.4.5 after upgrade to 2.5.1 Pfsense freeze at boot
-
after upgrading to 2.5.1 i couldn't retore de config.
i tried restoration on other 2.4.5 install on same hardware and i was surprise to have the same problem.
then i tried a restoration on 2.5.2 and again same probem.
i tried to restore section by section manually then everything was allright until i restored the ipsec section.
i had modify by hand the config file removing the ipsec section, then the pfsense boot normaly with the right conf exept the ipsec.i am quiet surprise with this problematic, did someone already had this problem?
-
What do you mean "couldn't restore the config"?
What was the problem?
Was there an error? If so, what was it? Was it in the log? On the console? A notification? Something else?
Restoring section by section will not run the configuration upgrade code, so it's dangerous to do when using an older configuration on a newer base system.
-
@jimp
hi,
i can't see any error, neither can i see the log because the pfsense stop loading at the Lo interface and the keyboard is not reponding anymore. i juste know that it still working cause when i plug or unplug an usb key the console show it.
i am a bit lost on this one, and i need to be able to restore the config on a new hardware in case of desaster. i have around 15 vpn ipsec with multiple phaze 2 and doing it manually would take ages.
thank you for your help. -
So it stops booting?
Can you take a screenshot or photo of where it stops? (Or copy/paste the whole boot output if it's a serial console)
-
that is where it hang.
-
It says in the output there that it's using the serial console as primary, not video.
So connect to the serial console and see what's going on there.
If you are restoring a config from a system that had a serial console and this one doesn't, you'll need to edit the config and remove the console config before restoring.
-
You can also force it to boot with video as the primary console:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/boot-issues.html#booting-with-an-alternate-consoleOnce you have fixed whatever the problem is, probably an interface mismatch, you can set the primary console in System > Advanced > Admin Access.
Steve
-
@stephenw10
hello stephenw10,
sorry for the delay i was not at the office for testing.
I feel so stupide to haven't think about that alone, you were completly right as soon as ii changed serial to vga i could see all the boot.
i steel have a lot a difficult to access my web interface cause it take ages to change page, i suppose it's because i have only one router with the Ha and no internet cause the old routeur is still in production. i suppose that the fact the the routeur hang several minute on ipsec when booting is du too that cause too. i will switch the routeur next week if everything is ok.Anyway thanks a lot for your help.
have a nice week end