Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Upgrade - Installation Sequence Question

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 479 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tman222
      last edited by

      Hi all,

      I am planning on replacing my current firewall hardware with new hardware in the near future. The current system system presently runs pfSense Plus 23.05.1. The replacement firewall hardware will all be new with the exception that I plan to reuse a 4 port 10Gbit SFP+ expansion card from the current system in the new system. I had some questions related to the new firewall installation and configuration restoration sequence. I realize that I'll have to start with pfSense CE again, but which of these two installation list of steps would make more sense given that I'm going to be swapping some hardware between the two systems?

      Option 1:

      1. Install pfSense CE 2.7 on new system
      2. Upgrade new system to pfSense Plus 23.05.1
      3. Remove network card from old system and install in new system
      4. Restore current (23.05.1) configuration from old system to new system

      Option 2:

      1. Install pfSense CE 2.7 on new system
      2. Remove network card from old system and install in new system
      3. Upgrade new system to pfSense Plus 23.05.1
      4. Restore current (23.05.1) configuration from old system to new system

      Thanks in advance for your help, I really appreciate it.

      bingo600B 1 Reply Last reply Reply Quote 0
      • bingo600B
        bingo600 @tman222
        last edited by bingo600

        @tman222
        My money would be on Step-2.
        When installing a new Netcard, my gut tells me that your NID (Netgate ID) would change.

        If you do Step-1 , you'd have to get a new NID in order to upgrade to plus.
        And you'd prob. have to get another new NID, after installing the netcard.

        PS:
        I'd already apply for a new NID (for the new box) now, you can always apply/use it later,during install.

        /Bingo

        If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

        1 Reply Last reply Reply Quote 0
        • jimpJ jimp moved this topic from Problems Installing or Upgrading pfSense Software on
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yup use option 2 otherwise you'll need to re-register a new NDI after swapping the NIC in.

          1 Reply Last reply Reply Quote 0
          • T
            tman222
            last edited by tman222

            Thank you both for your help! I wanted to follow up and let you know that Option 2 worked like a charm. I installed pfSense 2.7 CE, moved the NIC over to the new system, upgraded to pfSense Plus 23.05.1, and then restored the 23.05.1 config from the old system. The whole process probably took less than 30 minutes and everything was working fine by the end of it.

            I only ran into two minor issues:

            1. After config restoration the udpbroadcastrelay package service refused to start. Disabling / Re-Enabling the package via its GUI configuration page solved the issue and the service started fine.
            2. I was greeted with a bunch of errors after the initial reboot that followed config restoration. These were mainly pfBlockerNG related. I use pfBlockerNG lists as aliases in firewall rules and these lists don't exist without the initial pfBlockerNG update (that downloads and creates them). Once I ran a manual pfBlockerNG update, the lists were created everything was fine going forward.

            Overall I'm very impressed with how smoothly the hardware upgrade went - a big thank you to everyone at Netgate for making the installation and restoration process so seamless.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.