Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Moving pfsense to different hardware

    Scheduled Pinned Locked Moved Hardware
    7 Posts 5 Posters 11.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      acidrop
      last edited by

      Hello!

      Can anyone tell me in case of hardware failure (mobo crash) how easy is to migrate all pfsense (via acronis or ghost for ex) to a different machine with completely different hardware?Do i have to do a fresh install and restore the config?

      thank you

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Very easy.
        You dont need ghost.
        Just backup the config from the backup-page and then restore the config on the new machine.
        If the new machine has other interfaces you might have to reassign them.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • C
          chazers18
          last edited by

          not to hijack–

          but what about Open Vpn stuff

          from what i can tell that data doesnt come with on the backups...
          and the /root/easyrsa4pfsense is a folder that has all the custom ca in it and the script that we can run now ./build-key uname
          how does that get to a new machine? /better build
          upgrading from 1.2rc2 to 1.2rc4 ? can i just insert the iso in to the upgrade file pointer?

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            In your case ghost might just make more sense considering we do not backup openvpn certs and such as you say.  We'll get that fixed in the future for sure.

            1 Reply Last reply Reply Quote 0
            • C
              chazers18
              last edited by

              Thanks For adding the Open Vpn options!  that will be what i  will wait for

              also what can i do to upgrade from 1.2 rc2 to 1.4 rcfinal?  i would like to keep all the VPN settings with out rebuilding and sending all the new certs to the clients.

              1 Reply Last reply Reply Quote 0
              • D
                dtran
                last edited by

                also if you have chained certificate, you have to add/edit your configuration manually after a restore.

                1 Reply Last reply Reply Quote 0
                • C
                  chazers18
                  last edited by

                  well i figured out how to move the easyrsa4pfsense and set all the permissions
                  in the case of New Hardware and Software Like a migration from 1.2 rc2 to 1.2.rc4 or what ever until they get the webgui up and going for the cert management

                  i used winscp and pulled the easyrsa4pfsense folder out of the old machine (copy)
                  and pasted it in the new machine (same location) /root/easyrsa4pfsense

                  set the permissions to 755 (i think)
                  login to the machine via putty or (8) on the cli

                  then cd /root/easyrsa4pfsense

                  source ./vars

                  ./build-key XXXXX (xxxx would be the user name)

                  all done

                  on the new machine i would do a restore to get all the interfaces and firewall settings correct
                  and now you just need to copy and paste all the certs that you have in the Actual VPN pages to the new machine.
                  this is atleast what i did, and it worked. moved from 12.rc2 to 1.2 rc4.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.