Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Changing firewall HW

    Scheduled Pinned Locked Moved General pfSense Questions
    newbuildrestore
    6 Posts 3 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • AndyRHA
      AndyRH
      last edited by

      I am changing firewall HW. The interfaces are completely different.
      If I define the interfaces the same on the new system, such as LAN, WAN and OPT1, then restore the old FW to the new one excluding interfaces, will I have moved my config?
      Because I cannot restore everything but interfaces at 1 time, if I restore everything old to new then restore only interfaces new to new will I, in theory, end with a working FW?

      Thank you,

      o||||o
      7100-1u

      1 Reply Last reply Reply Quote 0
      • AndyRHA
        AndyRH
        last edited by

        I resend the questions. Restoring old FW to new FW then restoring just the new FW interfaces made the FW angry and it would not talk to me. Learned something and got to use the factory reset button.

        Creating the interfaces to match the old FW and then selectively restoring the bits worked for everything except OpenVPN.

        o||||o
        7100-1u

        V 1 Reply Last reply Reply Quote 0
        • V
          viragomann @AndyRH
          last edited by

          @andyrh
          I succeed in the past by exporting the interface configuration from the new to get the interface hardware ports from the new (like igb0,..) and replaced the respective old hardware ports in the exported config.xml from the old device with the new ones (in the interfaces section and if applicable in ppps and vlans sections). Saved it and imported it into the new device and it worked straightaway.

          1 Reply Last reply Reply Quote 0
          • AndyRHA
            AndyRH
            last edited by

            The OpenVPN interface was created just not assigned. A little work and it was fine.
            Did discover a way to make pfSense a little better, add a button to remove DHCP from disabled interfaces. I had to create an interface and enable it to remove DHCP before I could re-create the same interface and enable it for OpenVPN.

            o||||o
            7100-1u

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Yeah, if you make config changes outside the gui or restore parts of the config only you can bypass the input validation. That can leave the firewall with dhcp enabled on interfaces that are not.
              I would expect to be able to restore the old config and simply re-assign the interfaces in the gui before rebooting.
              If you do have an especially complex config though it can be easier to edit it to use the new interfaces directly. There is always risk there of course.

              Steve

              1 Reply Last reply Reply Quote 0
              • AndyRHA
                AndyRH
                last edited by

                In my case I imported the OpenVPN configuration which defined an interface. I had previously defined and deleted a physical interface which I had configured DHCP. The 2 aligned to the same name, OPT3. This may be an uncommon result.

                o||||o
                7100-1u

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.