Migrating from sg3100 to a i5 firewall
-
I am going to move to an intel i5 firewall. I am hoping to use a backup xml from my sg3100 to load all of the settings to the new device.
A potential problem I see are the interfaces are named differently on the sg3100. Do I need to edit the xml file to capture the new interface names or is there another method?
I sm hoping the rest of the configuration goes EZ so I don't have to duplicate everything by hand.
Thanks in advance for the insights.
-
@amarcino Hi I did this a couple of times when moving my config from physical to VMware. It should be no problem once you make some preperations.
What you can do is:
- remove all extra packages (like pfblocker etc)
- export the config file
- find the name of the network interface on your new firewall. To do this just install pfsense and login to check it. No need to configure anything yet.
- find the network interface name of your sg3100
- using notepad++ find and replace the old network interface names with the new one from your new i5 system. Like replace igb0 with em0 etc.
- import the modified config.xml on your new i5 system.
This method always worked for me. Goodluck!
-
Thanks. I guess all of the additional packages you want will have to installed and configured on the new device by hand?
I was hoping to avoid that if at all possible.
-
@amarcino Hi. Depending on the package there should be an option there to Keep Settings (pfblocker has that option for example). That option should be enabled before uninstalling the package. On your new system when you install the same package it should restore the configuration.
-
@amarcino If you're familiar with XML, you can edit the interface names in the file and then restore. But, IIRC pfSense will prompt to select interfaces during the restore.
-
Thanks for the insights. I will be doing this in the next few days.
-
When I changed firewall hardware, I just copied over the config.xml and then tweaked it for the new interface names. My old firewall had 1 each Intel, Broadcom and Realtek NICs. The new one has 4 Intel.
-
Thanks you all for the insight. The XML file and modifications worked great.
