Upgrade from 2.5.1 to 2.7.0 nightmare
-
I upgraded from 2.5.1 to 2.7.0
Aliases were a mess after the upgrade
Could not create new ones (host and IP)
Could not update from 2.7.0 to 2.7.2 (even after trying certctl rehash)
Some UDP traffic wasn't going from site 1 to site 2 properly THROUGH MY tunnel ( I didn't adjusted the IPŜEC config)
Rebooted and pfSense would not boot anymore
QUESTION
Is it better if I go from 2.5.1 to 2.6.0 then to 2.7.0 then to 2.7.2 ? -
Coming from 2.5.1 I would probably install 2.7.2 clean and restore the config into it.
However you should be able to upgrade.
Was it just not offering 2.7.2?
If it failed to boot it may have been some existing issue that was revealed by the upgrade and reboot. A hardware problem perhaps. Do you know where it stopped booting? What error was shown?
-
S stephenw10 moved this topic from General pfSense Questions on
-
@stephenw10 Tks for the reply stranger
THe UPDATE GUI (Web ) was offering 2.7.0
Once I rebooted it was offering 2.7.2
VM hosted at vultr.com and made snapshot before (while running and also while HALTED)
I rebooted several time before the update from 2.5.1. to 2.7.0
SO you are telling me I can backup ( the xml file) my config 2.5.1, install 2.7.2 fresh and import my 2.5.1 HTML config ?
I'm not a PfSense expert even if my company has been using several years and hundreds of domains are impacted by it running well or not :-)
I'm 57 ( 30+ years in IT MAc, Win, Linux, security.... ) I come from the BBS world up to now... One of those guy talking about DOS, COmmodore VIC 20 and modems)
tks !
If I am asking if 2.5.1 file will work it's because all my aliases were messed up after the upgrade... And the GUI (creating new alias) was behaving abnormaly
-
Yes you can import a config file from an older version into 2.7.2. Theoretically from any earlier version. 2.5.1 is not that old though so I wouldn't expect any issues.
Since you're running in a VM and have snapshots it should be relatively risk free.
-
@stephenw10 Tks my friend.... A project for this week end when my wife goes to sleep :-)
And my customers too.... ( I have 2 sites... Site two can handle the load ( eMails gateway..... oops I'm sharing too much)
-
@yoda If you grab an old 2.7.2 CE ISO from one of the mirrors instead of the new Netgate Installer that need to be online to install, you can upgrade your box from 2.4/2.5 to 2.7.2 in as much as 15min depending on your system storage and USB stick ;) On slow boxes with eMMC or slow HDDs/cards it may take a bit longer, but the fastest we did for a customer was at around 10-12min.
Make a backup of the config.xml via Diagnostics beforehand! But you can just put the image on a stick, boot from it, tell it to recover your config.xml (so it gets installed alongside and you don't have to even restore it afterwards!) and just do a quick install. Done. System updated to 2.7.2 and with your config already on it :)
Depending on your system pick your image here:
Netgate ATX Mirror of pfSense CE releasesCheers
-
@JeGr WOW !!!
Very much appreciated....Tks !
JF
My PfSense (site 1) is running on some VULTR.COM VM ;-) I know I know...But it has been working well for several years ! At the other end, the other pfSense is running on vmware (Site 2) -
@yoda Ah both virtualized. That makes it easier to roll back for sure. A new install would need the ISO then (on the VM side). Not sure about the vultr side as I don't know their console capabilities though.
Cheers :)
-
@JeGr yep
as for the config .xml if I am forced to import it after (and not during) I guess it'll do the same thing...If some encrypted methods/settings for my IP tunnel config is not supported anymore in the new pfSenseversion, the xml file will still import properly ? I will only have to tune a bit the IPSEC tunnel ?
I don't remember which exactly but some encrypted settings are not available anymore in the new version...
-
Yes you can still import an older config. If it's using some deprecated feature the config upgrade code will handle that.
