migrating sg-1100 config to sg-2100 - any issues to be aware of?
I just purchased an SG-2100 to replace the SG-1100 we are currently using at my work and I would like to use the most recent backup of the SG-1100 to do the initial setup of the 2100. Before I move ahead with that I thought I would ask ahead of time if there are any issues to be aware of. I did see one post here referring to a migration from an SG-1100 to and SG-3100 and issues due to different default VLAN protocols between the 2 devices.
My plan is to use the preserve switch configuration option. Currently I have no VLANs or LAG configured on the 1100. And the only packages I am running are Snort and pfblockerng-devel.
Any advice or other tips are appreciated. Thanks
@pzanga I did the same upgrade (to get a SFP port), and it was a eventless and simple upgrade in my situation.
The only “gotcha” to be weary of is that SG-2100 is not default configured with a OPT1 interface.
The SG-1100 is a mvneta0 NIC to switch only, so all interfaces are switch ports in “descrete” mode by Running VLAN encapsulation.
The SG-2100 has a mvneta0 NIC dedicated for the WAN port and mvneta1 port that is connected to a 4 port switch (all LAN by default and NOT running in descrete mode by using VLAN encapsulation).
So if you are not using/running the OPT1 interface in your SG-1100 just import the config (set preserve switch config). Assign WAN and LAN to mvneta0 and 1 accordingly and you are good.
If you are using OPT1, you need to make a choice by either reconfiguring the SG-2100 switch to descrete mode after the restore and reassign your configs OPT1, or attempt to import the SG-1100 switch settings, and then reassign WAN from the current VLAN to MVNETA0
@pzanga Don't forget that Netgate offer 'Zero-to-Ping' support and will help with issues importing an old config onto one of their appliances.
@keyser Thanks for the advice. I was hoping this would be eventless and simple, but that never seems to be my luck with these things.
I do not have OPT1 configured/enabled on the SG-1100, so figured this would be simple. However, after restoring the SG-1100 config to the Sg-2100 I could not access the webgui for the SG-2100 on either 192.168.1.1 (the default) or 192.168.0.2, which is the IP address configured on the SG-1100. Now, I did not configure anything on the SG-2100 before the restore i.e. I skipped over the setup wizard and went right to restore. Should I have done some initial config of LAN or WAN, or something, first? I did a factory reset via console, so I am back at square one. And of course I didn't think to use the console to check what the config looked like before resetting to factory defaults.
Any thoughts appreciated as always.
@bigsy Thanks. I'm hoping to avoid support, but good to know they are there. My experience with them in the past has been fantastic.
@pzanga with a factory reset of SG-2100 you should just login to it’s initial web interface, skip the wizard, restore config, remember to select preserve switch config and hit go.
It should show you a interface assignment guide after that - and before reboot. If not and it just reboots, you will need to use the assign interfaces feature on the console after reboot.
WAN should be assigned mvneta0, LAN to mvneta1
@keyser Thanks again. I went back and retried and still didn't get the interface assignment guide before reboot. So I accessed the SG-2100 via console (and paid attention this time) and noted WAN/LAN interfaces were assigned to mvneta0.4090 and mvneta0.4091, as if still on the SG-1100. Used the console to make the correct assignments and things look good now. Still need to test the config, but I can access the webgui so I should be good.
Remember to remove the VLAN’s as Well as they are No longer needed