Netgate Discussion Forum

    Interfaces won't pass traffic after restore from working backup on XG-7100

    Official Netgate® Hardware
    4 Posts 2 Posters 562 Views
    • noconnection

      Ok, gonna try not to turn this into a novel but I'm at my wits' end...

      Have a single Netgate XG-7100 that's working fine with eth1 a WAN connection, eth2 the LAN connection, eth3 another WAN connection and eth4 a 4G adapter. eth1 and 3 are static IPs, while eth4 is DHCP. eth2 is running a DHCP server for the corporate LAN. On the standalone unit everything is working fine but it's a loaner. I figured I'd back up the config from the loaner and restore it to unit 1 of the HA pair and just run standalone until I could add the HA config and VIPs...

      So took a backup of the working unit (all 4 interfaces up and humming along as intended) and restored it to the target. Everything looked good so I moved all four connections over to the same ports as the loaner and only eth1 and 2 came up correctly. Eth3 says up with the right IP assigned but isn't passing traffic (shows a few bits of outbound traffic but not showing up under gateways and not able to ping like eth1 is). Eth4 claims to be up but is not getting a DHCP address from the 4G appliance. I thought perhaps the core router was caching MAC addresses (even though eth1 comes through the same vendor router) so rebooted that as well as the 4G appliance...no effect. When I moved all the connections back to the loaner model everything just worked.

      I'm at a complete loss for what to check so was hoping someone here had some inspiration...

      Thanks in advance!

      • stephenw10 (Netgate Administrator)

        I would look at the output at the command line of ifconfig -a and etherswitchcfg. It sounds like you have something low level missing there.

        It's possible the running device has some temporary setting that is not in the config allowing it to work. I would not reboot that unless you have to!

        If you still have an issue there I would suggest opening a ticket with us at: https://go.netgate.com where we can review the real private config.

        Steve

        • noconnection @stephenw10

          @stephenw10 the uncommitted change has me on pins and needles...is there a way to force the running config to memory so I can get a complete backup? I'm not in the office today and that FW is not on the network that I can reach remotely so I'll run the command between both units to see if there's any noticeable difference.

          • stephenw10 (Netgate Administrator)

            It's not like an uncommitted change like you might find on a switch. If there is something set that's allowing it to function it would have to have been done manually from the CLI. There's no way for the config to know about that but it seems unlikely unless maybe there was a lot of troubleshooting on that firewall at some point.
            Try running those two commands on the running firewall and compare the output with the non-running device.

            Did you open a ticket?

            Steve

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.