1.2.3-RELEASE >> 2.0



  • I tryed to update (pfSense-Full-Update-2.0-RC1) via WebGui but after rebbot i get always Network interface mismatch.
    I installed 2.0 new on a new machine but here i'm unable to restore the 1.2.3 config. When I try to resore parts i receive no error but nothing is restored. The config is quite complex and it would take quite long to enter it manually in 2.0
    Is there a solution to help me out? Any help would be highly apprechiated

    Best regards Ginne


  • Rebel Alliance Developer Netgate

    Use a current snapshot, not the official RC1. Many upgrade bugs have been fixed since then.



  • for the Update I use: "pfSense-Full-Update-2.0-RC1-i386-20110530-0911.tgz" correct?

    What do i have to pay attention to if i want to restore a 1.2.3 config to 2.0 system? Do i need to uninstall packages prior to the backup in 1.2.3?

    Thanks for your help

    Ginne



  • I have currently the following packages installed (in 1.2.3):
    Fit123, TFTP, squid and squidGuard.
    Can I leave them installed when updating?


  • Rebel Alliance Developer Netgate

    For best results, remove packages prior to the upgrade. Recent snapshots should be better about reinstalling packages but there are still probably some cases there that have not been tested well.



  • I tryed it! No success, still the same "network mismatch…." I had to reinstall 1.2.3 and played my config back. I had uninstalled all packets prior to the update attempt! Please help Ginne


  • Rebel Alliance Developer Netgate

    If you have any international characters in description fields that can also cause the config to fail parsing, which would cause the same symptoms.



  • what do you mean with international characters? There is no üöä etc. I just rechecked.
    Could you please have a look at my config?


  • Rebel Alliance Developer Netgate

    I can look if you want. Email it to me at jimp (at) pfsense <dot>org.</dot>



  • it's on the way - thank you very much … Ginne


  • Rebel Alliance Developer Netgate

    			<descr>whois.ripe.net für Cosynus</descr>
    
    

    ^ International character in a firewall rule description

    Otherwise it's a valid XML file.



  • OK, sorry I was blind!!! So I try a update again or a fresh install with 2.0 and restore of the config?


  • Rebel Alliance Developer Netgate

    Either way is fine.

    I just ran the config through xmllint, it will flag any invalid XML characters. Makes things like that easy to spot without having to hunt all over the GUI. :-)



  • @jimp:

    I just ran the config through xmllint, it will flag any invalid XML characters. Makes things like that easy to spot without having to hunt all over the GUI. :-)

    That's the difference between a professional and a beginner ….. I'll try a new install



  • Both the update and the restore of the 1.2.3 config in 2.0 worked! But I run in an other problem using 2.0:
    My clients do not get DNS info, I finally gave up, and reinstalled 1.2.3 again. Here no problem!! I'll try again tomorrow… it's 4:19 am now! Ginne



  • I got it finally working! Thanks again for your great help jimp!!

    The DNS needed an other rule on the LAN interface: allow UDP  LAN net  *  (pfsense IP)  53 (DNS)
    1.2.3 did not need this.

    Then an other problem, what took me a long time today:

    I could not select the gateway in the Advanced features of the rules! When i clicked on "Gateway" "advanced" nothing happend! I found out this is a browser problem (Firefox 4.0.1) with IE8 it worked fine!

    Best regards from Germany :)

    Ginne


  • Rebel Alliance Developer Netgate

    You must have a restrictive ruleset on LAN then. Previously, the "anti-lockout" rule would have allowed that DNS traffic because it allowed anything to hit the pfSense LAN IP, but now that is not the case.

    As for the gateway selection, it works fine for me with FF 4.0.1, there may have been something in the browser cache that needed cleared.


Log in to reply