Backup cannot be restored on current device : Upgraded Hardware, both running 18.0.2 MR-2

Hi Joe,

you need to be running the same number of NICs.

Ian

Hey Ian,

If in fact that is true, I am guessing there is no way to edit the current config files to show less NICs?

OLD: 5 NIC (only using 4)

NEW: 4 NICs

Anyway to remove the old unused port from the config?

thanks again for your help, it's greatly appreciated 

Hi Joe,

no, the XG is not like the UTM. You could try disabling one NIC in BIOS and see if that works?

Ian

Ian

Good thing we are on the same page, i disabled a NIC, unfortunately because i am using a four port DELL card, i can only disable the onboard NIC, which is assigned to "Port5". This will work IF, big IF here, i can reassign Port5 settings to Port1? Or renumber the port settings? Being a Network engineer ive completed this task pretty easily, even on Linux distros.

I've looked through all CLI / Console configuration guides and i'm unable to find anything about "port reassignment" or "transferring port settings/configuration". I dropped into the Linux kernel to find i am unable to edit the network config file. This makes sense since this is a Sophos propitiatory version of Linux.

I guess the question is, how can i move my "LAN - Port5" to unassigned/unbound Port1?

I was even thinking, possibly i could add the current port to a LAG (Add Ports 1&5 to NEW LAG) then remove port 5 and the LAG while keeping their settings? Its a stretch but i'm at the end of mu rope here =)

Again, i really appreciate your help and guidance on this request

Hi Joe,

the XG will re-assign port 5 to a spare port assuming you are not using all ports? Your ports will all be renumbered i think based on MAC address order and PCI numbering.

so be prepared for a bit of confusion while you identify each port and reconnect them to the correct devices.

Ian

oh you are saying after i disable the the onboard NIC, it should have automatically reassigned from Port5 to the next available port? (Port1 is unassigned or bounded"

Because that didn't work =(

Hi Joe,

it should shuffle the order. Might take two restarts/power off for the change to be effective.

Ian

I made the change i nthe BIOS. Booted and shutdown 3 times in a row after the firewall entirely was up. The CLI login shows only 4 interfaces (used to say 5) so i know the disabling worked. But when looking at Network configuration, it still shows Port5 as the LAN and technically there is not a port 5 when i look at "show network interfaces".

Hi Joe,

which ones does it show as active?
ian

It shows Port1-Port4 active without a Port5 from the console "show network interfaces". But when i select 1 Devie Interfaces it still shows Port5 as LAN.

It shows Port1-Port4 active without a Port5 from the console "show network interfaces". But when i select 1 Devie Interfaces it still shows Port5 as LAN.

Hi Joe,

I think we need a wizkid to jump in here and help out?

Hey  Lucar Toni would please have  look at the last couple of post on this thread provide some guidance. Thank you

Ian

if possible that would be fantastic!

I went on a 5 hour troubleshooting session till 2AM my time and i was able to figure out a work around.

- I reset my device back to factory defaults with 5 NICs (Onboard not disabled). Applied backup config and during the reload into the firmware, i disabled the NIC hoping it would reassign, i did not

- I shutdown fully three times and still the "LAN" zone was assign to Port5. Port5 however is not shown in "show network interfaces" and Port1 shows "UNBOUND"

- I attempted to rename the "Port5" interface to "Inside" in case it was holding the name and getting confused. Unfortunately after multiple shutdowns, this did not help

At this point, i started to focus more on the security zone "LAN" and not the interface because Sophos binds all of it's components on the security zone and not interface. 

Here is how i resolved my issue (Which was the interface count as suggested by Ian)

I changed the "LAN" security zone's IP from .254 to .250. Reconnected over .250, Configured Port1 on the same "LAN" zone with .254. I was surprised the Firewall allowed me to configure the same zone and subnet on another interface but this allowed the security zone to stay active in 2 places. I then deleted Port5 and everything was still up and running, At this point i was left with Port1-4 configured, active and working. On the next reload, i disabled the on board NIC and after boot up, Port5 was gone leaving me with 4 Network interfaces!!!! (Port1-Port4)

Created a new backup, applied this backup to the NEW device and i am happy to say i am up and running with minimal configuration to complete this task.

It was a battle but the work around was not only informative, but i was able to complete the migration which in the end, was the point.

Thank you Ian.  I work for an IT MSP so i appreciate not only your helpfulness, but were extremely responsive which is the hardest part of support. So again thank you!