Restore config - problem interface assignment

delfi5 · Apr 4, 2025, 8:03 AM

Hi, I have a virtual fw on VMware with 9 network interfaces connected to the machine. There are also 3 virtual interfaces of as many OpenVPN connections configured on the fw.

I need to change machines with VMXNET3 network cards and I am trying to restore the configuration on the new vm.

How can I restore the configuration without losing the OpenVPN virtual interface association and the labels of the others? Because if in the assignment procedure I don't assign anything to the OpenVPN interface then it terminates and exit the config. Is there any other procedure? Many thanks

Gertjan · Apr 4, 2025, 9:41 AM

@delfi5

You can't assign an interface not known to the system at that moment.
Known are : the ones listed.
The OpenVPN server will start when the system boots normally, and the OpenVPN server process will created at that moment the 'virtual' interface ovpns1.

edit :

"Best practice" is :

Create an interface under Interfaces > Interface Assignments based upon your "ovpns1" interface.

The settings are :

so it's just the desciption - nothing else.

From now on,; you can leave the "OpenVPN" rule set empty :

and put them all - for this server - under :

delfi5 · Apr 4, 2025, 9:48 AM

@Gertjan
And I totally agree, but-what can I enter at that time? If I go out I lose the association of the ‘real’ ones that are listed next. Is there something for skip? Unfortunately then I have to deal with VMware's limitation on the 10 maximum network interfaces per vm. Otherwise I could load 12 interfaces and after startup change them, provided OpenVPN does not then complain during creation

@Gertjan said in Restore config - problem interface assignment:

and put them all - for this server - under :

My config is already set up like this

Gertjan · Apr 4, 2025, 9:49 AM

@delfi5

I'm not a frequent VM user, and never saw that many interfaces ....
Not sure if its useful info, but I would assign the WAN, the LAN, and have the system started.
Finish up in the GUI.

Interface assignment on the console level is - normally - something rather rare.

delfi5 · Apr 4, 2025, 10:11 AM

@Gertjan
Whether it is virtual or bare metal does not matter at this time.
Potentially there could also be vlan interfaces (and they could be 4096!).
I understand that this is a non-standard situation so I was asking what is opportune to do and how to proceed.

@Gertjan said in Restore config - problem interface assignment:

Finish up in the GUI.

and I lose all the configuration information of the interfaces

delfi5 · Apr 4, 2025, 10:16 AM

@Gertjan

I could edit the backup xml with the new interface names and their mac addresses as it expects it at startup on the new machine.
Maybe that would work that way?

Gertjan · Apr 4, 2025, 1:50 PM

@delfi5 said in Restore config - problem interface assignment:

Maybe that would work that way?

I wouldn't even asked that question, and done it already ^^
There is just one rule : don't make any 'errors' while editing your xml file.

stephenw10 · Apr 4, 2025, 1:24 PM

Yeah sub-interfaces like that don't exist at that point so you can't assign them from the console.

Either import the old config int the webgui where all the interfaces will be available. Or edit the config to match in advance as suggested.

And, yes, it's easy to make a typo. But you can always edit it again and re-import it.

delfi5 · Apr 4, 2025, 1:50 PM

@Gertjan

It works!

You need to turn on the new machine and check in which order the network cards are recognized.
You edit the backup file of the old machine with the names of the interfaces in the right order you want and then perform the restore.