Restore config to new HW -> no WebGUI access

Started by andre_x, May 28, 2024, 10:57:19 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 28, 2024, 10:57:19 AM Last Edit: May 28, 2024, 10:59:43 AM by andre_x
Hi all!
My OPNsense hardware is a Fujitsu Futro S920 with just 1 NIC, so I use VLANs to manage WAN/LAN.
I'm trying to restore the configuration into a new hardware that has multiple NICs, I've opened the config file, renamed the physical interface with the name of one in the new hardware, restored the configuration and I can see all the VLANs and the physical interface. I can assign a new IP to the interfaces, I can ping them, but I can't reach the WebGUI.
I've disabled the firewall with pfctl -d, but nothing.
What am I doing wrong?
Thanks!

Here is the interfaces config part:
Code Select
  <interfaces>
    <lan>
      <if>re0</if>
      <ipaddr>192.168.20.251</ipaddr>
      <subnet>24</subnet>
      <ipaddrv6/>
      <subnetv6/>
      <media/>
      <mediaopt/>
      <gateway/>
      <gatewayv6/>
      <descr>LAN_fisica</descr>
    </lan>
    <lo0>
      <internal_dynamic>1</internal_dynamic>
      <descr>Loopback</descr>
      <enable>1</enable>
      <if>lo0</if>
      <ipaddr>127.0.0.1</ipaddr>
      <ipaddrv6>::1</ipaddrv6>
      <subnet>8</subnet>
      <subnetv6>128</subnetv6>
      <type>none</type>
      <virtual>1</virtual>
    </lo0>
    <opt1>
      <if>vlan01</if>
      <descr>LAN</descr>
      <enable>1</enable>
      <spoofmac/>
      <ipaddr>192.168.20.251</ipaddr>
      <subnet>24</subnet>
    </opt1>
    <opt2>
      <if>vlan02</if>
      <descr>WAN</descr>
      <enable>1</enable>
      <spoofmac/>
      <ipaddr>dhcp</ipaddr>
      <dhcphostname/>
      <alias-address/>
      <alias-subnet>32</alias-subnet>
      <dhcprejectfrom/>
      <adv_dhcp_pt_timeout/>
      <adv_dhcp_pt_retry/>
      <adv_dhcp_pt_select_timeout/>
      <adv_dhcp_pt_reboot/>
      <adv_dhcp_pt_backoff_cutoff/>
      <adv_dhcp_pt_initial_interval/>
      <adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
      <adv_dhcp_send_options/>
      <adv_dhcp_request_options/>
      <adv_dhcp_required_options/>
      <adv_dhcp_option_modifiers/>
      <adv_dhcp_config_advanced/>
      <adv_dhcp_config_file_override/>
      <adv_dhcp_config_file_override_path/>
    </opt2>
    <opt3>
      <if>vlan03</if>
      <descr>IoT</descr>
      <enable>1</enable>
      <spoofmac/>
      <ipaddr>172.16.33.251</ipaddr>
      <subnet>24</subnet>
    </opt3>
    <opt4>
      <if>vlan04</if>
      <descr>VLAN200</descr>
      <enable>1</enable>
      <spoofmac/>
      <ipaddr>192.168.200.251</ipaddr>
      <subnet>24</subnet>
    </opt4>
    <opt5>
      <if>wg1</if>
      <descr>WG1</descr>
      <enable>1</enable>
      <lock>1</lock>
      <spoofmac/>
    </opt5>
    <opt6>
      <if>vlan05</if>
      <descr>Neighbors</descr>
      <enable>1</enable>
      <spoofmac/>
      <ipaddr>192.168.15.251</ipaddr>
      <subnet>24</subnet>
    </opt6>
    <openvpn>
      <internal_dynamic>1</internal_dynamic>
      <enable>1</enable>
      <if>openvpn</if>
      <descr>OpenVPN</descr>
      <type>group</type>
      <virtual>1</virtual>
      <networks/>
    </openvpn>
    <wireguard>
      <internal_dynamic>1</internal_dynamic>
      <descr>WireGuard (Group)</descr>
      <if>wireguard</if>
      <virtual>1</virtual>
      <enable>1</enable>
      <type>group</type>
      <networks/>
    </wireguard>
  </interfaces>
And here the VLAN part:
Code Select
<vlans version="1.0.0">
    <vlan uuid="ab11bcee-edca-4de1-a019-432e490cbbfc">
      <if>re0</if>
      <tag>2</tag>
      <pcp>0</pcp>
      <descr>LAN_VLAN</descr>
      <vlanif>vlan01</vlanif>
    </vlan>
    <vlan uuid="255dd735-3d7e-49fa-9aa3-352dcf1b0c69">
      <if>re0</if>
      <tag>77</tag>
      <pcp>0</pcp>
      <descr>WAN</descr>
      <vlanif>vlan02</vlanif>
    </vlan>
    <vlan uuid="da04b0cb-2852-49c7-82ca-e0a820479c90">
      <if>re0</if>
      <tag>33</tag>
      <pcp>0</pcp>
      <descr>IoT</descr>
      <vlanif>vlan03</vlanif>
    </vlan>
    <vlan uuid="25477895-432b-4814-8a6c-a70423aea760">
      <if>re0</if>
      <tag>200</tag>
      <pcp>0</pcp>
      <descr>Management</descr>
      <vlanif>vlan04</vlanif>
    </vlan>
    <vlan uuid="4843b562-0653-4852-a3e5-b44a64eea025">
      <if>re0</if>
      <tag>15</tag>
      <pcp>0</pcp>
      <descr>Neighbors</descr>
      <vlanif>vlan05</vlanif>
    </vlan>
  </vlans>
May 28, 2024, 11:10:08 AM #1
Check System > Settings > Administration >  Listen Interfaces. Best set to "All (recommended)".
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
May 28, 2024, 11:12:26 AM #2
Quote from: Patrick M. Hausen on May 28, 2024, 11:10:08 AM
Check System > Settings > Administration >  Listen Interfaces. Best set to "All (recommended)".
I've just checked, on my old router it's already set to "All (reccomended)".
May 30, 2024, 07:10:32 PM #3
Bump...
Anyone?
June 02, 2024, 02:01:47 PM #4
Hello,

Sorry my English isnt good, so i hope everyone know what i mean...

I have exact the same problem.
Currently my "test installation" is running on an old HP Elitedesk PC.
On this i have configured everything what i need, and all is working since min. 1 month.

Now i thought its time to transfer this working config to my "old" sophos SG135 rev.
So i installed OPNsense on this SG135, and load the Config.xml during the installation.
But before i do that, i opened it and replace the LAN and WAN interfaces with the new Interface names on the SG135.

Then i installed it & loaded the config.
When the installation is complete, i could ping the OPNSense (running on SG135) and also the DHCP works (i got an adress from the sg135)

But i couldnt access the WebGUI :(
Also Internet ist not working....

I try now several Days to find a Solution, but i didnt find any solution.

Could somebody help us?

Kindly Regards
xenon
June 02, 2024, 03:36:03 PM #5
it looks like I have found a solution for at least my problem.

Everything was working fine on my "test firewall" which is currently in active use with OPNSense 24.1.8.

I wanted to transfer the backup from this installation to my Sophos SG135 rev3.

I also downloaded the current installation file for AMD64.....

However, the installation file is version 24.1 and not 24.1.8.

And that was apparently exactly the error!

So I first made an empty, fresh OPNsense installation with 24.1 and then updated it to 24.1.8.

Then I edited the exported config file again so that the interfaces matched the new hardware.

And then uploaded this config file via the web interface of the freshly updated installation.

Then I restarted and everything has worked as usual so far. I hope it stays that way =)

For days I tried everything possible, focusing on the EEE function of the Intel NICs, because you can read on the Internet that these built-in network cards of the SG135 rev3 cause problems and apparently go down frequently.

But the cause was apparently just that the backup file of 24.1.8 cannot be imported into 24.1 (the current installation file).

At least not 100% functional.

Maybe this will help you too, because I have also set up a handful of VLANs on my LAN interface ;)

Regards
xenon
June 03, 2024, 05:27:48 PM #6
Quote from: xenon2008 on June 02, 2024, 03:36:03 PM
However, the installation file is version 24.1 and not 24.1.8.
And that was apparently exactly the error!

For me it was the opposite: the backup was from V 23.x, but I'm not sure that this has been what solved the problem because I've done a looot of other tests.

By the way, thanks!
Print
Go Up Pages1
User actions