Restore physical pfsense from virtual pfsense?

Over the past couple of years, I have my pfsense working about 90% of the way that I want it to. It is currently installed on a physical protectli device. However, when trying things out, I was never one to make a backup before experimenting. It seems that some packages will remember things things when removed and then reinstalled at a later date, and there is some residual garbage with that which I no longer want to keep.

So I installed proxmox and setup pfsense as a VM in there to start from scratch. I created 5 virtual network devices to simulate the 4 physical ports on the protectli, while keeping the 5th as a “WAN” so i still had internet access. I then meticulously rebuilt my firewall and have gotten it to a point where I think it is best to continue on the final hardware due to certs and Dynamic DNS settings. I have exported the config.xml file and am ready to load onto the physical hardware.

What would you recommend to get this file onto the device? Should I flatten and reload the device or should I just head to the restore option in the UI? Anything I should watch out for? How easy is it to re-map the interfaces? Will I be able to delete the “phony WAN”? What about package data needed or not needed at the OS level by the xml file? I am just trying to prepare myself and minimize the internet down time while I do this.


You can either download the XML file and edit it to make the interface names match the system you are uploading it to, or you can just do a selective restore. Also, because it’s XML you can down the file, remove things you don’t want, upload it back.

Sweet. Never really bothered to look at the xml file before. I feel so dumb. But it does look like I can do a simple find/replace “vtnet” > “igb” to resolve my interface assignments. The current “physical” xml file is about 1K lines longer than the virtual one. Lots of stuff in there for pfblockerNg which was uninstalled long ago, among others. Thanks for the tip!

1 Like