Hi,
from time to time we have need to restore XG/XGS configuration from backup to different model. I got information that two things are impossible:
- restoring configuration to different model (this is doable on some other vendors boxes where you need to align interface names during restore)
- to read configuration in plan text, adjust it and upload to device
I would like to skip explanations this is "by design" to make something "more secure". If this is true, is this oversight from Sophos where they don't know what is performed in field or some way to induce more sales ♂️
Can somebody shed some light on this?
You can read all restrictions here: https://support.sophos.com/support/s/article/KB-000036245?language=en_US
So you can do this and migrate. There are just a few restriction. For example you cannot go lower (Using a XGS2100 and go to Desktop XGS136).
__________________________________________________________________________________________________________________
https://community.sophos.com/sophos-xg-firewall/f/discussions/135882/restoring-configuration-to-different-model-reading-configuration-without-device
just posted this. is there a workaround here?
Thank you.
Hi damiri,
As mentioned, by LuCar Toni the two points you brought up are actually possible to do.
1. You can restore configuration to a different model as long as the model is the same or higher. More details and other restrictions outlined in the linked article.
2. You can export your firewall configuration .tar, once extracted you'll find an xml file that can be edited with a text editor before importing. Here's the guide.
Your posts will be merged.
LuCar Toni Karlos
thank you guys for sharing this info.
Karlos,
Karlos said:2. You can export your firewall configuration .tar, once extracted you'll find an xml file that can be edited with a text editor before importing. Here's the guide.
after editing file, are we still bound to those restrictions mentioned here: https://support.sophos.com/support/s/article/KB-000036245?language=en_US ?