Backup Restore - Will BOVPN setting be restored?

GrTGrT
edited March 2022 in Firebox - Upgrade, Downgrade, Backup

Hello,
I have a Firebox T40 running 12.7.2. I have a BOVPN configured and I have a backup from 2/23/22 right before the most recent firmware update.

Three days ago I was experiencing connectivity issues with the BOVPN to another Firebox and I made changes to the BOVPN configuration on both side including the Pre shared Key.

If I RESTORE from the backup made prior to my recent changes to the BOVPN, will ALL the previous BOVPN setting (including the previous Pre-Shared Key) also be restored?

I realize I will have to do a restore to both Fireboxes on each end of the BOVPN.

Thank you,

Greg

Comments

  • Bruce_BriggsBruce_Briggs

    Yes. The preshared key, etc. is stored in the config file.

  • GrTGrT

    Thank you Bruce. I have done many backups over the years but I have yet to do a restore. Good to know that it will RESTORE my Firebox to its previous state completely. I plan to follow-up the restore with the latest firmware update.

    Thank you

  • GrTGrT

    So I just attempted to restore the Backup from Watchguard Cloud for my device. The date of the backup is 1/31/22 and the OS of the backup is 12.6.2. When I select Restore I get a message "unable to locate firmware image for version 12.6.2.B631387 and model T40 [request-id None]".

    Are none of my backups in Watchguard Cloud actually available? This is troublesome to me.

    Thoughts or ideas?

    Thank you

  • Bruce_BriggsBruce_Briggs

    Is this a cloud managed firewall?

    Have you reviewed this?

    Manage Firebox Backup Images in WatchGuard Cloud
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/WG-Cloud/Devices/sub_back-up-restore.html

  • GrTGrT

    HI Bruce. No my Fireboxes are visible and upgradeable/scannable in Watchguard Cloud, but I manage them mostly using the local Web UI.

    From what I read, I need to downgrade my Firebox to a lower OS of the backup I have of 12.6.2 first. Once I downgrade the firebox, then I should be able to restore the backup that was done on that OS.

    However, I then read that I cannot Downgrade my T40 from 12.7.2 now that it is on that OS. I figure I am out of luck on restoring the backup and must now focus on rebuilding the BOVPN Gateways and Tunnels.

  • Bruce_BriggsBruce_Briggs

    If you have upgraded to V12.7.2 Update 2, then you can't downgrade, and you need to fix/change your BOVPN settings

  • GrTGrT

    Thanks Bruce. Live and learn. From now on I will backup before making any changes to the Firebox configuration.

  • Bruce_BriggsBruce_Briggs

    Note that the V12.7.2 U2 version is a very special circumstance.
    In the past, rarely has there been specific version downgrade preventions.

    However, best practice is to always back up a config prior to an upgrade.

    FYI, in WSM Policy Manager, there is an option to always save any changes made to a config when sending the updated the config to the firewall.
    Also, there are saved configs with changes made with Dimension command, which uses the Web UI.
    Other options to keep in mind.

Sign In to comment.