Netgate Discussion Forum

    Problems starting SG-1100 with autoconfigbackup from Gold Membership backup

    Official Netgate® Hardware
    • Orthochirus

      Hi,

      First time posting in the new forum, unfortunately couldn't retain my older login since I only had user/pass and not email noted.. :(

      I just bought the SG-1100 hw and having had the pfSense Gold Membership for some time and also having used the autoconfig backup that came with it, I naturally want to try to import the config from there so I don't have to build all config up from scratch.

      I don't have a massive bandwidth but have some 10 interfaces, most VLANs, 5-6 CAs, some 20 users and perhaps 40 different certs, quite a lot of FW rules and a lot of config like dyn DNS, captive portal and also both remote access VPNs and a smaller number of site-site VPNs. Not too interested in having to do all that from scratch..

      So I'll try and describe what I want and what I have done.

      What I want to have in the 1100 is:

      WAN - on an untagged sw port member with PVID to VLAN n
      LAN - on an untagged sw port member with PVID to VLAN nn
      OPT as parent interface for some 5-10 VLAN interfaces - TAGGED sw port

      And that is approx what I use in my old setup that needs replacing and it works perfectly.

      I have started the 1100, configured it so everything works and then did a local backup of config.

      Then I configured the autoconfigbackup, filling in the old 'legacy' settings and pulled down the old config to rewrite with.

      Upon doing the loading of the old config the unit was sitting blinking green for some time and I was too lazy setting the console access up so I let it sit through the night.

      Day after I looked at it again, still blinking, accessed console which worked very nicely. I then see that it's sitting waiting for me to remap some interfaces which I do and shortly after I was sitting looking at what appears to be a normal console menu with WAN and LAN assigned.

      Checking interfaces in terminal I see a lot not valid but think maybe I can clean that up if I can just enter webgui.

      Now here I am getting sort of stuck.

      In console I see the normal page with commands and serial etc and my WAN and LAN like:

      WAN -> mvneta0.10 ->
      LAN -> mvneta0.20 -> v4: 10.20.30.1/24

      WAN is not connected at this time and if it was I don't think it would have worked, see below.

      I am having problems getting traffic to the fw and have still not been able to access gui.

      If I connect a cable to LAN I cannot ping FW.
      If I run tcpdump in 1100 I see the arp requests over the wire but there is no return sent from FW.

      I'm not sure how I should read the info, I see there are some discussions herein about these hw having a switch internally and that it works in special ways etc.

      Is it expecting only tagged traffic incoming to ports? I have tried different settings in the switch tagged/untagged etc but haven't been able to get it to work.

      For LAN should I use VLAN 20 (as per above) and tagged info? Have tried and for some reason it doesn't work. I realize there's some not applicable info in config but I hope to be able to clean that up once logged on to gui.

      Maybe someone here can help me in the right direction?

      TIA,

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.