Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Easiest way to transfer config between different hardware platforms

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    6 Posts 2 Posters 996 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dzeanah
      last edited by

      I just moved from a big, fancy, expensive datacenter in another state to a a local location.  As an interim firewall solution in the new location I used an SG-2440 I already had, but now that I've taken all the old hardware down I'd like to use it in the new location.

      I was using an SG-8860 as a primary with an old Netgate Hamakua configured as failover.  I don't have enough routable IPs in the new location to configure these as they used to be, so what I'm thinking about doing is:

      • Copying the configuration from the SG-2440 to the SG-8860 and Hamakua

      • Using the SG-8860 as my firewall, with the (usually) powered down Hamakua preconfigured so I can use it as a backup by just powering it up.

      Pretty simple.  I'm just wondering if there's a simple way to carry the configuration from the 2440 to the bigger boxes without simply recreating everything from scratch.  I'm certain it's not as simple as uploading a backup to the new machine and making sure the interfaces are configured correctly, but maybe it is…

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        It usually is just that simple.

        1 Reply Last reply Reply Quote 0
        • D
          dzeanah
          last edited by

          I'm glad to hear that.

          I tried it last night and everything came across cleanly, except a warning that packages were being installed in the background, and I could never get the new firewall to route.

          Soooo, I uninstalled bandwidthd and suricata (the only packages installed), did it again, and the firewall is trying to install packages again, but when I switch the ports over I'm not seeing it route data.  So something's up.

          I'll post here once I figure it out.  So far my ISP says it's not something like a MAC address permissions issue.

          1 Reply Last reply Reply Quote 0
          • D
            dzeanah
            last edited by

            OK, for future forum searchers who run into this problem, here's the story:

            In my case, the configuration apparently came across cleanly, but traffic wouldn't route to the Internet (DNS lookups and traceroutes failing), DHCP wasn't being serviced on the lan, and OPT3 OPT4 interfaces were blinking with traffic while WAN and LAN traffic was doing a slow, stupid blink.

            It turns out interface igb1 on my SG-8660 is the WAN, and ibg0 is the LAN.  That's a complete surprise to me, and it made the configuration switchover fail as well.

            Once I realized that, everything ran smoothly.  It just took plugging in a LAN port and seeing which port was marked as UP on the Dashboard.

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              Yes, interfaces will usually need to be remapped but I thought you already knew that from your first post.

              1 Reply Last reply Reply Quote 0
              • D
                dzeanah
                last edited by

                @KOM:

                Yes, interfaces will usually need to be remapped but I thought you already knew that from your first post.

                I did.  It's just that the hardware looked so similar…...  :)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.