I recently got my first Netgate firewall (6100) and am looking to migrate off a Protectli device. I know that the interfaces are going to be different and will need to be reconfigured. So I wanted to see if anyone had any best practices for migrating hardware to help reduce my heartburn?
My routine for this is to boot the new device into pfSense and see how it enumerates the devices. I make note of the device names, then edit a copy of my backup file from the old machine, doing a find/replace of the old/new device names. Then when I restore that backup on the new hardware, it’s a pretty smooth process.
When you do your find/replace, just make sure you include the brackets (>em0<, for example). That will save you from accidentally changing a string within your device’s private keys.
When you move from one device to another using the back up and restore of the XML file if the new system does not have the same interface names pfsense will ask you to align the interfaces to the new names in the web UI.
1 Like
As above, when restoring the backup it will ask you to select the network ports
The main ones are your wan ports, as you need to map them correctly on the netgate 6100 Netgate 6100 Security Gateway Manual — Input and Output Ports | Netgate Documentation
That’s a very good point for most setups.
The info I left out is that the restore from the UI has usually has not worked for one of my systems, apparently because of my link aggregation setup. I’ve never gone back to see if that’s been resolved in newer versions, but that was a big problem for me at one time.
Instead, I plant the edited /conf/config.xml on the new machine and it just boots into a working system. Has the added advantage that I can keep the file in version control independent of the device.