Netgate Configuration Export (6100 MAX)
-
@Burizado you still could connect the SSD of the broken 6100 to a computer. At this moment I assume you are not sure if the SSD did survive?
-
@patient0 Yes, true.
I do believe it is fine, as I see no physical damage like I see on the main board (see image; you can actually see where it left a mark on the white lid as well).
I do have a few external cases I can put it in and connect to my PC or UNRAID server to see if it is still good (I know you mentioned before it needs to be a FreeBSD based OS).
-
@Burizado said in Netgate Configuration Export (6100 MAX):
you can actually see where it left a mark on the white lid as well
Wow, no doubt about the damage there.
...you mentioned before it needs to be a FreeBSD based OS
Actually, if pfSense was installed on a ZFS file system, a Linux based OS probably works too. If it's UFS then Linux won't be of much help.
-
@Burizado said in Netgate Configuration Export (6100 MAX):
The importance of off device backups of your configuration
We save the file after every time making changes. Sometimes I add a note to the filename like " (added VLAN)".
For the more, or maybe less, paranoid, there is https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote ๐ helpful posts! -
@SteveITS Thanks for the reply!
Yes, that is one of my 'lessons learned', that I need to do a backup of the configuration at a MINIMUM every time I make any changes.
If I look on the positive side, if I do need to reconfigure it, this will allow me an opportunity to correct any non-optimal setups I did as a new Netgate owner 8 months ago.
-
Yes the config file is on the SSD and would be present on the new device.
Do you see any output on the console when booting the old 6100?
If it boots there you can probably extract the config from the console directly.
-
@SteveITS said in Netgate Configuration Export (6100 MAX):
We save the file after every time making changes. Sometimes I add a note to the filename like " (added VLAN)".
Revision Control Systems are your friend. My current RCS has pfSense configs back through 2013.
Unfortunately, configs prior to that were discarded along with my prior RCS.
-
@dennypage Well hopefully you won't need to track down many changes made in 2012.
We have several clients with pfSense, and don't make that many changes, but it's nice to have a copy in our office in case of hardware failure. We can grab a replacement and quickly restore, or use ECL to restore without even connecting a laptop.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote ๐ helpful posts! -
@stephenw10 said in Netgate Configuration Export (6100 MAX):
Yes the config file is on the SSD and would be present on the new device.
Great! Thanks for confirming!
Do you see any output on the console when booting the old 6100?
I did not try connecting the console cable up yet. I have not done that before and have to review how to do it and if I have the equipment to view the console.
If it boots there you can probably extract the config from the console directly.
Right now it seems to be in a boot loop (just from external observation), and shuts down after about 3 minutes. The blue light on the front flashes the entire time, then only red. I don't get an IP address on the PC I had directly connected to the device. I will see if I can get the config directory that way before opening the case back up. It sounds like I have options from all the suggestions here. Thanks!
-
@SteveITS said in Netgate Configuration Export (6100 MAX):
Well hopefully you won't need to track down many changes made in 2012.
It's more of an emotional problem for me at this point.
-
@stephenw10 Thank you for the great suggestion! I was able to get my /conf directory off the old device via the console cable. I tried several other methods to no avail.
Next question, I only copied the /conf directory thinking I would only need the configuration. I did have pfBlocker and some other packages loaded onto my old 6100. Do I need to copy anything other than the /conf directory to restore those to the new 6100?
Also, my assumption is that the /conf directory has all my firewall and NAT rules in the configuration that I can restore to the new 6100. Is that correct?
-
@Burizado A restore will install packages that were in/from the config file. (it's easier to think of this as "will install missing packages" but I think it reinstalls them all anyway)
If you just plug in the WAN cable and use the above ECL method you don't even need to log in to it, to restore. WAN will be configured at that point, and it will install the packages. Plug in LAN and log in via your browser. You might need to reboot once, for instance, enabling the RAM disk setting needs a reboot.
-
@SteveITS Thank you for the quick reply, and confirming all the packages should get reinstalled!
So if I am understanding the ECL process from the documentation you linked (THANKS!), I just copy the config.xml in the 'conf' directory on my USB, to a 'config' directory, then insert it into the new 6100 and start it up? Seems easy enough.
Since I have the console cable configured on my PC, I might just use that on the new 6100 to watch the boot and restore process. I have not booted the new 6100 yet. I was waiting to see if I could get the old configuration back, so I wouldn't have to set everything up from scratch.
Sorry for all the questions. This is my first time with a full restore and I don't want to 'brick' the new device, if that is possible.
-
Yup, you only need the config.xml file from /conf to get back all your config.
-
@Burizado Yes. Or you can do it the "long way," log in, get WAN working, and then restore from the web GUI.
-
OK, well it seems it restored some of the configuration but not all of it.
My process:
-
Copied the whole '/conf' directory to a USB drive directly from the console. I did use the 'umount' command to unmount the USB before removing it.
-
Put the USB into my Win11 PC and copied the '/conf/config.xml' file to the 'config' folder I created after I put the USB in my PC. (could have creating the folder and copying the file in Win11 messed up the process?)
-
I put the USB drive into the new 6100, connected the console cable, and plugged in the power.
-
Once it got to the menu after boot I removed the USB, and gave it another reboot.
My old 6100 had a 172.20... network which it seemed to configure. My PC I have connected to the LAN1 port gets a 172 IP address, and I can access the GUI via the gateway address.
When I go into the web GUI, I don't see any of my firewall or NAT rules. Also the port names are not set either. Seems the only thing it did was set the IP table to my 172.20... range. Nothing else seems to be configured.
I did also try redoing the whole process only this time with the WAN cable connected. My thought being it could not load some packages that it needs to complete the configuration setup. That did not work either. The firewall rules were not setup so the device could not get out to download any packages.
I did notice all the config files on the old 6100 have dates of 16th Oct. 2024 which is 8 days after I purchased the original 6100. I am certain I made config changes after that date. All the files in the /conf/backup directory are the same date or earlier.
My current questions:
-
Could booting the old 6100 have reverted it back to a previous configuration setup before I got a chance to copy it off?
-
Is the config.xml file in the '/conf' directory what is currently setup on the device?
-
If I don't see any config.xml files in the '/conf' or '/conf/backup' that have more recent dates, am I stuck reconfiguring the new 6100? Are there any other directories that config files could be?
I am thinking the answer to #3 is I am going to have to start the reconfigure process on the new 6100, but I want to exhaust all options before going down that path. I mean looking at the positives, I did learn a lesson about the importance of off device configuration backups, and it will give me more experience doing pFsense initial configurations. So there is that.
-
-
@Burizado said in Netgate Configuration Export (6100 MAX):
Once it got to the menu after boot I removed the USB, and gave it another reboot
At this point it was likely still installing packages. :-/ The web GUI has a message for that, if you log in. I am not sure the console does, but it would be buried in the logs.
@Burizado said in Netgate Configuration Export (6100 MAX):
all the config files on the old 6100 have dates of 16th Oct. 2024
Yeah that sounds wrong. /cf/conf and /conf are the same directory:
drwxr-xr-x 3 root wheel 3 May 28 10:34 cf
lrwxr-xr-x 1 root wheel 8 Nov 22 2024 conf -> /cf/conf...so /conf/config.xml should be the latest.
-
@SteveITS Thanks for the quick reply and confirming the /conf/config.xml file should be the latest.
-
Mmm, you wouldn't expect to find all the backup config files to have to same date. It does sound like maybe it was overwriting the backups with changes as it tried to boot repeatedly.
