PfSense - Physical Router w/ Virtual Backup

Is it possible to setup a physical PfSense Router and setup a virtual machine as a backup? This would be for a Home Network.

I assume you mean as an HA system and while setting up mismatched pfsense firewall hardware is possible, it’s challenging and not likely to work very well.

What if you didn’t do HA? ie set it up so that keep a backup config of the physical device and keep it ready to upload to the VM and keep only one online at a time. Set them up so they both have the same IP address on the WAN side however only one is physically connected to the network at a time.

Would this work?

I’m sure there would would be tweaks necessary to make it work fully.

When I first looked at pfsense I had exactly this thought … however I didn’t get far with it … ultimately I bought a second identical box for pfsense as my backup, I use it for testing but the pfsense restore process is pretty easy so I’m relying on this. It seems quite challenging to get pfsense to operate in a vm depending on the scenario.

The interfaces won’t match, but you can fix that when you do a restore from backup.

That’s what I thought.

If I’m not mistaken Netgate don’t advise running a VM for most situations / use cases? Why not by 2x 1100’s or 3100’s and run them in HA? Could the SG1100’s USB port’s not allow a basic failover via a USB flash drive?