OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: horseradish on January 28, 2018, 02:19:58 pm

Title: Newb Q: What to take into account when moving from pfSense
Post by: horseradish on January 28, 2018, 02:19:58 pm
Hello all, future OPNsense user here coming from /r/homelab and the things that went down there (https://www.reddit.com/r/homelab/comments/7t76sy/setting_the_record_straight/).

I would like to move to OPNsense from Pfsense. Although my setup is not very complicated in comparison to many others, I have put in quite a lot of time to get it working 'just right'. As such I am taking a cautious approach.
What should I expect when trying to move from pfSense?

Currently using the following not-too-complicated setup:

It would be easiest if I could just reinstall and restore a config backup, but from what I have read here it seems to me that this might not work.
Would someone be kind enough to guide this newcomer?

EDIT: Added the use of aliases
Title: Re: Newb Q: What to take into account when moving from pfSense
Post by: elektroinside on January 28, 2018, 03:02:12 pm
Welcome to OPNsense!
I too migrated from pfsense a month ago and I am very happy I did.

My advice would be to print screen your pfsense settings (easier than reading an XML backup, although I would also do this) and manually recreate them on OPNsense. While you're at it, you could also review them.

But before deploying it for production use, I personally "played" with OPNsense first, see what it can do, brake/unbrake stuff so I could get used to it.

There are also plenty of really well-written tutorials here on forum and here: https://docs.opnsense.org/index.html

You will also find the community and devs being very friendly and responsive.

One more thing good to know, 18.1 is nearly released. It has several enhancements and bug fixes.
Title: Re: Newb Q: What to take into account when moving from pfSense
Post by: fabian on January 28, 2018, 03:40:06 pm
Most settings will probably work (interfaces, firewall related stuff, DHCP/DNS, ...) but some have been rewritten so a full import will not work (CaptivePortal, Proxy, IDS, the Plugins). This is the reason for the official statement (<= 2.1 - the time when the fork happened).
Title: Re: Newb Q: What to take into account when moving from pfSense
Post by: horseradish on January 28, 2018, 05:54:43 pm
Thanks a lot for the replies!
Recreating manually seems like the way to go. However I am also considering to start with a VM to see what happens when I straight restore a pfsense backup as my settings are mostly firewall related.
Title: Re: Newb Q: What to take into account when moving from pfSense
Post by: chemlud on January 28, 2018, 07:31:50 pm
...last time I moved, I could import some areas (aliases, some other...), had a chat recently with Franco, he suggested the same, iirc, step-by-step.

I save the config after each import and look, if something strange happened after the last import. :-)
Title: Re: Newb Q: What to take into account when moving from pfSense
Post by: dcol on January 28, 2018, 09:46:39 pm
It's always better to start fresh so you can weed out old issues and obsolete items.
NAT, Firewall rules, and aliases will work the same way and can just be copied over manually.

Then follow some of the guides in this forum for setting up IPS. Always take a logical approach and choose based on your requirements.