Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 726 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Migrate XG 18 to new hardware

dakster

Hi,

Does anyone know of a reasonable way to migrate my current XG 18 settings to new hardware?  I currently have XG 18 on an old UTM 425 box (8 ports).  Fans to noisy for current environment.  I want to migrate it to a Protecteli FW6C (four ports).  Can't use backup/restore because of hardware/ports.  I've been testing the xml-tar export/import and that fails most of the time. 

Any good ideas without me having to recreate all of the settings?

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    Hi Dakster,

    I often upgrade XG devices from one platform to another.  Using the Export/Import is likely the best way to move forward.

    Common ones I will export are: IPHost, IPHostGroup, FQDNHost, FQDNHostGroup, MACHost, WebFilterException, Services, ServiceGroup, DHCPServer, DHCPBinding, DHCPV6, DHCPV6Binding, DNS, DNSRequestRoute, AuthenticationServer, FirewallAuthentication, MTAAddressGroup, RelaySettings, VLAN, AdminSettings, Notification, CentralManagement, LocalServiceACL, and there are plenty of other settings.

    It is fine to import again over previous imported items, but do not import 'System Hosts' from a different model, review and edit your import file in detail.  If you are importing DHCP settings from another device, I find it best to create the interfaces and VLAN's manually using the same names prior to importing your settings.  Avoid importing TIME setting as it may cause the device to reboot during import.

    The tar file contains an xml script, and can be opened and edited with 7-zip.  During import, the xg gui interface will tell you after 3m the process is taking a long time and to check the logs.  The import file is processed from the top->bottom, you can also check to see if the last item in the import file exists.

    Then recreate your firewall rules manually.

    Hope this helps!

    André

Reply
  • 0

    Hi Dakster,

    I often upgrade XG devices from one platform to another.  Using the Export/Import is likely the best way to move forward.

    Common ones I will export are: IPHost, IPHostGroup, FQDNHost, FQDNHostGroup, MACHost, WebFilterException, Services, ServiceGroup, DHCPServer, DHCPBinding, DHCPV6, DHCPV6Binding, DNS, DNSRequestRoute, AuthenticationServer, FirewallAuthentication, MTAAddressGroup, RelaySettings, VLAN, AdminSettings, Notification, CentralManagement, LocalServiceACL, and there are plenty of other settings.

    It is fine to import again over previous imported items, but do not import 'System Hosts' from a different model, review and edit your import file in detail.  If you are importing DHCP settings from another device, I find it best to create the interfaces and VLAN's manually using the same names prior to importing your settings.  Avoid importing TIME setting as it may cause the device to reboot during import.

    The tar file contains an xml script, and can be opened and edited with 7-zip.  During import, the xg gui interface will tell you after 3m the process is taking a long time and to check the logs.  The import file is processed from the top->bottom, you can also check to see if the last item in the import file exists.

    Then recreate your firewall rules manually.

    Hope this helps!

    André

Children
  • 0 in reply to Andre Thibodeau

    Hi André,

     

    Thanks for the advice.  I actually ended up doing almost exactly that - selective exports and imports (without all the dependencies).  One type at a time.

    I did, however, do an export/import of IPHosts.  I looked into that file and the entities.xml (inside the .tar) does contain system hosts which I didn't edit out.

    That hasn't seemed to impact things - should I redo or remediate this in any way?

    Thanks!

    Dave