Reset pfSense
-
Hi all. I am pretty new to pfSense and know nothing about them or how they work and yet I'm the lucky winner of a HA failure. What I do have is a backup. What I don't have is access to the console, so my question is: How do I restore this backup cause every single google search tells how how to reset to factory defaults in the console
-
You need to to have GUI (typical https://192.168.1.1) access.
And before you go any further, make 'console' access working. About the how-to : I can give more info when you give more info, like what hardware you're using etc.Btw : "know nothing about them or how they work" you've won nothing special, and don't get me wrong here : don't touch them. To handle "HA failure" issues, you need to have have "some knowledge" (IMHO : already close to expert level), as this concerns two devices, and the way how they are interlinked.
That said : If you have config copies of both devices, made at the same moment (or close), and you gave access to both devices, you might pull it off : import on both devices the config, and have them reboot both.
That said : can't say more, never even saw a HA setup. -
What hardware are you using? What do you have access to?
Steve
-
@stephenw10 Hi Stephen. last night I build an old PC with a serial port and tested that on a Cisco router and it worked. I'm going to test now and see if I can get into the Firewall via Putty. Device info = Netgate XG-1541. If I log onto the second Firewall under system it says: Super Micro 1541. Had a look at the last backup my predecessor took and its a xml document and size = 8.6m/b. Hope this info helps. Will let you know shortly whether I have putty access
-
The XG-1541 uses the VGA console by default. Unless the serial port has been enabled as a console you would need to connect to it directly with a keyboard and monitor.
-
@stephenw10 Yeah man I just realized that the putty option will give me the same as the monitor. So the Firewall boots up and stays keeps repeating the following: login 1305 (this number changes) login on ttyv0 as root : /etc/rc.initial: not found. And then: init 1305 - getty repeating too quickly on port /dev/ttyv0, sleeping 30 secs
-
Ah, sounds like it partially upgraded. Is that possible?
If you are running ZFS you can probably roll back the BE snapshot at the loader menu. Otherwise if you boot into single user mode from the loader menu you can try to recover from the CLI
You can always reinstall clean to get to 23.09 though and that's probably fastest. Open a ticket to get the recovery image:
https://www.netgate.com/tac-support-request -
@stephenw10 Hi Stephen. Booted into single user mode and I'm at; enter full pathname of shell or RETURN for /bin/sh:
-
Ok so hit return to reach the CLI.
You can use bectl there to switch BE snaps if you're running ZFS. If you're running UFS you can run an fsck:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/filesystem-check.html#manual-filesystem-check
