Stupid - accidentally tried to auto upgrade 1.2.2 to 2.1\. How best to fix

jbrinker

Honest, Im not a newbie to the world of networking. I have a dozen business clients, and more than half have Netgate 2D3 firewalls. However, I now realize that all of them but one were purchased with 1.2.3 at least as the "initial" version. All (but this latest one) were recently upgraded to 2.1 with no issues.

Unfortunately for me, I didnt look closely, and last week I upgraded the very first 2D3 I ever installed (a long time ago) using the automatic upgrade feature. As soon as I did it, before it even finished, I had my oh crap moment. But the upgrade completed, and the box still "runs". Sort of.

I cannot make any configuration changes, I cannot download or upload any backups using the gui. I DO have a good backup of the 1.2.2 config file from immediately before attempting the upgrade (see Im not a complete doofus, just 99%).

This client is pretty close to a 24/7 shop this time of year. Like I said, the box is still running, still working, still doing its job. But I cant manage the box through the gui. I can SSH into it, and if need be I have physical access.

Worst case, I guess I just rip it out, and write the latest 2.1 onto the CF card, and restore the old config. Right?

If that doesnt work, I could write 1.2.2. or 1.2.3 and try. Correct?

Just thinking - is there ANY way to do this without going that route? I.e. can i manually "re flash" back to 1.2.2 via SSH or serial? Or is it just not worth the risk?

Since upgrading from 1.2.2 to 2.x is not supported - I'm guessing someone out here can tell me what screws up, and maybe if there is a path back? If not I will have to arrange a downtime.

OH, one other question - is this box in a meta-stable state? I.e. Im worried that if it gets power cycled it will be screwed. Justified or no?

These errors are flowing across the gui screen:

Filter Load: There were errors loading the rules: /tmp/rules/debug 32: syntax error /tmp/rules.debug32: and it has many…

ANY advice appreciated. Thanks.

Jeff

stephenw10

Hmm, 1.2.2 was not using NanoBSD I believe so you don't have the option of swapping slices. Hard to know quite what happened when you tried to upgrade. I would have to assume the box is in an unknown state and that's never good. You really don't know what it might do.

https://doc.pfsense.org/index.php/Upgrade_Guide#Embedded

One of the devs will probably be able to give you better insight but if it were me I'd schedule some time to put a fresh 2.1 CF card in it ASAP.

Steve

jimp

There is no supported upgrade path from embedded 1.2.x to anything. You have to rewrite the CF. Even to go from 1.2.2 to 1.2.3 you had to rewrite the CF. 1.2.3 and later use NanoBSD which does support upgrades.

You can take your older configuration and restore that to a newer 2.0.x or 2.1 in most if not all cases.