Hello,
I would like to know/understand how restoring an IPFire behaves in respect to existing Net to Net VPN and roadwarrior VPN.
Due to a mishap migrating to 152 I need to restore two IPFire installations, one main IPFire machine and one IPFire machine connected to the main one via n2n VPN.
For both installations I do have the following Backups:
iso IPFire file for the plain installation
ipf backup configuration file
iso file containing the installation and the configuration of the machines
My expectation is that either
1 - do a plain install and restore the ipf
2 - or use the iso with configuration file included
should bring me back to a fully operational condition without any hassleā¦
Unfortunately this was not the caseā¦ I tried version 1 and the outcome is that everything but the functions involving VPN (n2n and roadwarrior) work.
Now my questions are:
should such (variant 1) a restore procedure work and restore also a working VPN connectivity?
should I use variant 2?
does such a restore not work because I need to recreate the VPN keys/credentials, transfer them etc.?
I just did a re-install from scratch of my Core Update 152 installation. I used the iso with configuration file included but in the past I have used the plain iso and then followed up with a restore of the core and add-ons. In both case my OpenVPN road warrior functions were fully restored.
The backups are just zipped archives, so you can view them with an appropriate viewer from your distribution. I use xarchiver with my Arch Linux systems. There you can see the directories and files that have been backed up, so you can check and confirm that the files are in your ipf backup file.
The CA and keys for the server and the client certificates are all backup up and should be restored.
From the ipf backup you can see where the various openvpn files are stored (under /var/ipfire/ovpn/) and you can check on your system if they have been properly restored.
One point to just check, when you do a fresh install with backup restore it does not restore your network interface settings. So you have to go and run setup and re-run the interface type and interface settings.
My expectation is that either
1 - do a plain install and restore the ipf
2 - or use the iso with configuration file included
should bring me back to a fully operational condition without any hassleā¦
I think you have to restore from your .ipf file after the ISO.
If you select Generate ISO on the backup menu page then IPFire creates an ISO file that includes your current settings. When you install using this ISO then the settings are restored at the same time as you install. It even says that the seetings have been found and gives you the option to restore or just do a vanilla install.
I used the backed up ISO with settings for a re-install today and it worked fine. All my settings were restored just as if I had run a vanilla install followed by restore from the .ipf file. I only found out about this when I read the above wiki section before I did my reinstall.