This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best way to upgrade?

[FONT=Calibri][SIZE=3]I’m using UTM home edition on dedicated PC. I have been holding at v9.1x for a long time due to the Intel e1000 hang issue.[/SIZE][/FONT]

[FONT=Calibri][SIZE=3]I want to update to the latest version but I need the advice of the experts on here. I purchased a Broadcom server NIC to avoid the e1000 hang issue. I even have a spare computer I can use.[/SIZE][/FONT][FONT=Times New Roman][SIZE=3]
[/SIZE][/FONT]
[FONT=Calibri][SIZE=3]What’s the best way for me to update and keep all of my current settings which are quite extensive? I am thinking that maybe the best way is to keep the current system in place and add the spare PC with a fresh install and a temporary gateway IP. That way, I can log into both and copy settings.[/SIZE][/FONT][FONT=Times New Roman][SIZE=3]
[/SIZE][/FONT]
[FONT=Calibri][SIZE=3]Is this the best approach? Can I have both PC’s up at the same time and change the gateway IP of the new UTM to match that of the current UTM once I have all of the settings in place and remove the existing UTM from the network? Can I transfer my certs? How?[/SIZE][/FONT]

[FONT=Calibri][SIZE=3]Is there a better way?[/SIZE][/FONT]

[FONT=Calibri][SIZE=3]Thanks,[/SIZE][/FONT]

[FONT=Calibri][SIZE=3]Jeff[/SIZE][/FONT]
[FONT=Times New Roman][SIZE=3]
[/SIZE][/FONT]

This thread was automatically locked due to age.

0 scorpionking over 10 years ago
Yes there is. Download a backup from your old UTM and apply it to the new...

Will keep all settings, certs, etc.
----------
Sophos user, admin and reseller.
Private Setup:

XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)

UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cancel
Vote Up 0 Vote Down

Cancel
0 Jeff x over 10 years ago in reply to scorpionking

Thanks for the reply.

I will give it a try but I'm pretty sure I read on here that importing settings from the previous version causes problems and that person had to start over from scratch.

Have you or anyone else on here successfully imported a 9.1x backup with different NIC's into this new version?

--------------------------------------------------------------------
Sophos UTM 9.714-4 - Home User
Currently testing VM on i3-9100 @ 3.60 GHz
16 GB RAM
Dell Optiplex XE
Intel Core 2 Duo CPU E8600 @ 3.33GHz
8GB RAM
--------------------------------------------------------------------
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 10 years ago

Hi,

As long as you have the same # of NICs (or more), there shouldn't be a problem.

I also recommend having the ISOs for both versions handy in case you need to roll back.

Supposedly the Intel NIC issues have been sorted out, but I haven't tried it yet.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 Jeff x over 10 years ago

Thanks guys! Update went very smoothly.

Seems to be working just fine. Actually, my websites load faster when accessing them from the local network. Don't know why. The only hardware change is going from an Intel server NIC to a Broadcom server NIC and a larger SATA HDD (80GB to 250GB). Maybe DNAT's are handled better in 9.2x???

Here's what I did:

1. Installed Sophos on another computer using 9.111-7.1.150 ISO.
2. Updated new install to match version installed on box that is currently in service.
3. Made manual backup of original system.
4. Removed old box from network, installed new box and restored backup to the new box.
5. Finished installing the rest of the Up2Date updates.
6. Had to reboot the ISP's gateway device to make my websites accessible to the Internet even though I could access the Internet from the LAN. Must have held onto the MAC address of the other Sophos box.

I chose to use a different box so I can simply swap the whole unit if I encounter any issues. The two boxes are identical make and model except the new unit has a Broadcom server NIC and a larger HDD.

I'm tempted to manually update to 9.3 but maybe I'll wait until it's pushed out.

@BarryG
In which Sophos version is the Intel NIC issue supposedly resolved? I have read some posts (here's one of them: https://community.sophos.com/products/unified-threat-management/astaroorg/f/52/t/29490) that indicate users with one of the affected Intel chipsets have experienced the hang issue in every version of 9.2 up to and including 9.3.

--------------------------------------------------------------------
Sophos UTM 9.714-4 - Home User
Currently testing VM on i3-9100 @ 3.60 GHz
16 GB RAM
Dell Optiplex XE
Intel Core 2 Duo CPU E8600 @ 3.33GHz
8GB RAM
--------------------------------------------------------------------
Cancel
Vote Up 0 Vote Down

Cancel
0 William Warren over 10 years ago

It depends on the chipset not all intel nics are affected. Search for it i detailed that information. Of course if you have a broadcom nic handy I would make a config backup...install the nic into your current machine..reinstall with 9.3 latest version and restore your backup...

Owner: Emmanuel Technology Consulting

http://etc-md.com

Former Sophos SG(Astaro) advocate/researcher/Silver Partner

PfSense w/Suricata, ntopng,

Other addons to follow
Cancel
Vote Up 0 Vote Down

Cancel
0 Jeff x over 10 years ago in reply to William Warren

Thanks for the info William.

Since I now have a backup box, I went ahead started from scratch and reinstalled using the latest 9.308 ISO. I then restored the backup from 9.1x and so far, all seems good.

Cheers!

--------------------------------------------------------------------
Sophos UTM 9.714-4 - Home User
Currently testing VM on i3-9100 @ 3.60 GHz
16 GB RAM
Dell Optiplex XE
Intel Core 2 Duo CPU E8600 @ 3.33GHz
8GB RAM
--------------------------------------------------------------------
Cancel
Vote Up 0 Vote Down

Cancel

Best way to upgrade?

Submitted a Tech Support Case lately from the Support Portal?