Migration to SG-3100
I just ordered the SG-3100 and have a question on the migration from my current pfSense configuration.
The expected path would be: backup complete from current system, unplug current system, plugin SG-3100, restore backup. However, there are a few things I would like to check:
- will packages be automatically installed based on the restore of the configuration? If not, do I manually (one-by-one) install them? If so, before/after the restore of the profile? On the backup/restore page there is an option to reinstall the packages. Is that a better option to install them on the new system or is that only for reinstalling already installed packages?
- when doing the install on the new system I will need to (of course) unplug the old system (or we will have an IP conflict) but is the new system not "unprotected" between plugging it in and restoring the profile from the old system?
Perhaps these are non-issues but I want to be sure to not have a bad start with the new system.
Yes, it will try to install any packages that were installed on the old system at first boot after the config restore. However you may want to uninstall the packages on the old system and use that config file. Afterwards you can install the packages again on the SG-3100 and it will retain the settings. Doing that avoids a situation where it cannot install the packages at first boot for whatever reason, the WAN requires a config change for example.
The default setting is 'block everything coming in' so it will never be completely unprotected. However the subnets may be different etc so you might want to connect only the WAN and one LAN client until the old config is restored.
KOM last edited by
However you may want to uninstall the packages on the old system and use that config file.
Wouoldn't it be simpler to just uncheck the Skip Packages box when doing a backup? Or do they not behave the same?
Skip packages removes the package config info which you will want present when you re-install the packages. Assuming you don't want to have to reconfigure them again. ;)
An option to 'mark packages as un-installed' might be useful though. Not sure how much work that would be.
I followed the suggested approach (removing packages on old system, create config backup on old system, restore config backup on new system, reinstall packages on new system). All worked fine but I overlooked one thing… Thanks to a prompt reply fro Netgate support I managed to resolve this.
The issue was that the network card configuration (the network interface naming in the config backup was not compatible with the new system) and the device got stuck in the console waiting for network card assignment. Connecting through a serial connection with the console I could select interfaces and proceed.
Thanks for the support!