    Interfaces won't pass traffic after restore from working backup on XG-7100

    Official Netgate® Hardware
    2
    4
    82
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      noconnection last edited by

      Ok, gonna try not to turn this into a novel but I'm at my wits' end...

      Have a single Netgate XG-7100 that's working fine with eth1 a WAN connection, eth2 the LAN connection, eth3 another WAN connection and eth4 a 4G adapter. eth1 and 3 are static IPs, while eth4 is DHCP. eth2 is running a DHCP server for the corporate LAN. On the standalone unit everything is working fine but it's a loaner. I figured I'd back up the config from the loaner and restore it to unit 1 of the HA pair and just run standalone until I could add the HA config and VIPs...

      So took a backup of the working unit (all 4 interfaces up and humming along as intended) and restored it to the target. Everything looked good so I moved all four connections over to the same ports as the loaner and only eth1 and 2 came up correctly. Eth3 says up with the right IP assigned but isn't passing traffic (shows a few bits of outbound traffic but not showing up under gateways and not able to ping like eth1 is). Eth4 claims to be up but is not getting a DHCP address from the 4G appliance. I thought perhaps the core router was caching MAC addresses (even though eth1 comes through the same vendor router) so rebooted that as well as the 4G appliance...no effect. When I moved all the connections back to the loaner model everything just worked.

      I'm at a complete loss for what to check so was hoping someone here had some inspiration...

      Thanks in advance!

        stephenw10 Netgate Administrator last edited by

        I would look at the output at the command line of ifconfig -a and etherswitchcfg. It sounds like you have something low level missing there.

        It's possible the running device has some temporary setting that is not in the config allowing it to work. I would not reboot that unless you have to!

        If you still have an issue there I would suggest opening a ticket with us at: https://go.netgate.com where we can review the real private config.

        Steve

          noconnection @stephenw10 last edited by

          @stephenw10 the uncommitted change has me on pins and needles...is there a way to force the running config to memory so I can get a complete backup? I'm not in the office today and that FW is not on the network that I can reach remotely so I'll run the command between both units to see if there's any noticeable difference.

            stephenw10 Netgate Administrator last edited by

            It's not like an uncommitted change like you might find on a switch. If there is something set that's allowing it to function it would have to have been done manually from the CLI. There's no way for the config to know about that but it seems unlikely unless maybe there was a lot of trouble-shooting on that firewall at some point.
            Try running those two commands on the running firewall and compare the output with the non-running device.

            Did you open a ticket?

            Steve
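
The comparison suggested in the replies above, as an added example that is not part of the original posts and is not Netgate's own tooling: it masks values that legitimately differ between two physical units and diffs the rest. The file names, the `sample` helper and its capture text are constructed for illustration and are not a diagnosis of this thread.

```shell
#!/bin/sh
# On each firewall, capture the low-level state to a file, e.g.:
#   ( ifconfig -a; etherswitchcfg ) > /tmp/state-loaner.txt
# Copy both files to one machine, then:
#   sh compare.sh state-loaner.txt state-target.txt

# Mask per-unit values (MAC addresses, MAC-derived link-local IPv6)
# and trailing whitespace so only configuration differences remain.
normalize() {
    sed -E \
        -e 's/([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}/XX:XX:XX:XX:XX:XX/g' \
        -e 's/inet6 fe80::[0-9a-fA-F:]+/inet6 fe80::X/' \
        -e 's/[[:space:]]+$//' "$1"
}

# Print a unified diff of the two normalized captures.
# Returns 0 when they match, 1 when they differ.
compare_units() {
    a=$(mktemp)
    b=$(mktemp)
    normalize "$1" > "$a"
    normalize "$2" > "$b"
    diff -u "$a" "$b"
    rc=$?
    rm -f "$a" "$b"
    return $rc
}

# Constructed, abbreviated capture text (not real device output).
# $1 = MAC address, $2 = member list of one switch VLAN group.
sample() {
    cat <<EOF
lagg0.4091: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST>
	ether $1
	vlan: 4091 vlanpcp: 0 parent interface: lagg0
vlangroup2:
	vid: 4092
	members $2
EOF
}

if [ $# -eq 2 ]; then
    compare_units "$1" "$2"
fi
```

Any line left in the diff is state that differs between the units for a reason other than hardware identity.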

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy