Upgraded hardware with Config Backup/Restore, Can't Access via IP
-
Hello! We just upgraded our PFsense hardware from a Netgate SG-2240 (version 2.3) to Netgate SG-3100 (version2.4.4). I took a config backup and restored it to the new hardware, updated the interfaces and all appeared to be working. When I took out the old hardware and plugged in the new, I could not access the device in my browser via the IP unless I plugged directly into a LAN port and put my computer on the same subnet. The interfaces are showing that they are connected, and lights on the ports are green. Netgate is plugged into a cisco switch, port lights are also green here. I cleared the arp cache on the cisco and can ping the IP of the netgate from that switch, but not from anywhere else. I cannot ping the switch from the Netgate even though it's directly plugged in. I'm curious if anyone has experience with this and might know what the issue could be. It seems routing related, but I'm stuck at the moment. Thanks in advance.
-
@afc_it Old ARP cached in a connected switch?
-
That was my initial thought, but clearing ARP cache on the connected switches hasn't solved it. 'show mac address-table' on the connected interfaces shows the correct mac addresses. I am noticing that on the SG-3100 it has a Switching and VLAN section that is new to me. Do I need to configure VLANs for it to work?
-
You would not normally. The default VLAN settings for the 3100 switch is ports based VLAN and that will usually carry tagged traffic to all the LAN ports.
Do you have VLANs on LAN?You may need to set it to dot1q mode and configure the switch to trunk whatever VLANs you require.
Though if it was something like that I would not expect you to be able to ping it from anywhere, including the switch.Steve
-
Yes, we do have quite a few internal VLANs. I will try configuring that and see if it makes a difference.
-
I just wanted to post my resolution to the issue I was having here. It turns out the Quagga_OSPF package was missing and that was causing the routing problems. I was finally able to figure this out due to another firewall failing and having to replace it. Going through that troubleshooting led me to realize the missing package was the root of all the problems. Hopefully this helps someone else who may have a similar issue.
