Upload configuration to a Netgate 7100 from other PfSense
-
Hello and sorry for my poor english.
This post is my contribution to this forum to explain my methode to transfer the configuration from a PFSense device to a XG-7100 device without issues with the interfaces.
I don't know if this is the area to explain this, but I've found other post talking about this here, for example: "Lost Lagg0 interface on XG-7100 when restoring configuration".
First of all. You need some knowledge on Pfsense and how XG-7100 uses their switch. You'll find some literature on Netgate's web site.
Let's start.
I have 2 machines. The old one, a server running Pfsense, in production. Name it Old Server.
The new machine, a XG-7100, running Pfsense+. Not in production. Name it New Server.In the Old Server I have many interfaces and VLANs, VPNs, Rules and so on, and I want to trasfer all to the New Server . As you know, it's not possible to load the Old Server config to the New Server due the different interface configuration, and people had many issues on this.
Remember, you can connect to your New Server via USB. It will help you in case of problems.
My solution:
-
Save Old Server all configuration unencripted in a file. Save it for later.
-
Go to New Server. Define the switch configuration based in your knowledge of your net.
Assign the VLANs to your needs. Don't worry if these VLANS are not created in Pfsense+. Now we are configuring the switch. You can use the predefined VLANS or create your own. You have to create your existing VLANS and new VLANs for your isolated ports. (Read XG7-7100 Netgate manuals about it, if you don't understand this.) -
Once the switch is configurated, goto Assign-Vlans in the New Server and create all your VLANs. Remember to assign all of them to lagg0 (Again, read manuals). Only create the VLANS, DO NOT ASSIGN TO INTERFACES. In interfaces you can leave default wan and default lan.
-
Revise your configuration. There is allways something wrong ;-)
-
Save New Server all configuration unencripted in a file.
-
Open Notepad+ or a text editor.
-
Open Old Server config and in another tab the New Server Config. ( They are editable XML).
-
Copy Lagg and VLAN definition from New Server. ( from <lagg> to </lagg> and from <vlan> to </vlan>).
-
Paste on Old Server configuration file. Delete Old Server Vlan definition and replace it with New Server definition. Remember to ad prior the lagg configuration from new to old server.
-
On Old Server's file, go to interfaces area. Change the interface name to the new created interfaces. For example rf1 on Old Server must be lagg0.4090. Be aware. You must know your old configuration and what you have defined in the new server. You have to know wich VLAN is the replacement of any old interface. You must edit the text in <if> </if> of every entry.
-
If your Old Server had some PPPs or other definitions, go to their definition area and change to the right new interface.
-
You don't need to edit DHCPs, Rules, Default Gateways, as these definitions are referenced to the internal name of every interface ( wan, lan, opt1, opt2 and so on...)
-
Revise your configuration. If both of your servers are in the same network check the lan IP and change it. (If not, both servers will have the same IP!!)
-
Save the Old Server configuration file.
-
Go to your New Server and load this configuration file (The edited Old Server's)... and voalà!
-
If there are no problems the New Server will restart.
-
If you can't open the New Server Web, try it on another browser.
-
If you have to change a PVID of the New Server switch you can do it via USB. Use the command: "etherswitchcfg" to see the configuration and use "etherswitchcfg Port8 pvid 10" to change Pvid of port 8 to 10, for example.
And that's all. This worked for me. Now I have my XG-7100 with the same configuration as the Old Server ( Certificates, VPN, Rules, NAT etc...)
I hope it will be useful for someone.
Daniel
-
-
@dapobe said in Upload configuration to a Netgate 7100 from other PfSense:
I hope it will be useful for someone.
Hi Daniel,
you want to collect "upvotes" with this - I gave you one
welcome to the team, so this is not meant as an attack but more of a joke
+++edit:
I hope you won't be a SPAMMER :), hihihihi -
@dapobe Hopefully the posting will be helpful to others. Netgate has posted here before if someone opens a free support ticket (go.netgate.com) they will help convert configurations to a switched appliance.
-
@steveits said in Upload configuration to a Netgate 7100 from other PfSense:
Hopefully the posting will be helpful to others.
hmmm, so you're back and you won't forget?
I love you man, but you know that...
+++edit:
I hope your style is honed by a serious CNC..... :)
