Upgrading pfSense to Version 2.0 Release
After three release candidates pfSense version 2.0 release is officially now available. Version 2 has many new features and upgrades that make it much better than previous versions of pfSense.
Some of the notable features in version 2 include improved multi-wan support, an updated traffic shaper, improved VPN support, and many other improvements.The core operating system in 2.0 has also been upgraded to FreeBSD 8.1.
If you are still running version 1.2.x or a release candidate then now is a great time to upgrade. The upgrade process is easy to doesn't take very long to complete. If you don't want to upgrade your system you can always download the installer and reload the system from scratch.
Before You Update
Make a backup
Before you begin the update process I strongly recommend making a backup of the configuration. In the event that the update fails and you need to rebuild the system you can simply restore the config and re-install your packages. Rebuilding the firewall configuration can be both frustrating and time consuming.
Before performing the upgrade you should uninstall all of the packages on the system. This step is especially important if you are upgrading from version 1.2.3.
The configuration for the packages will remain on the system, and is also stored in the backup file. if you do not remove the packages there is a possibility one of them may prevent the system from booting after the upgrade. This is a rare occurrence but I have seen it happen so don't take any chances.
Using the Auto Updater
The easiest way to update to version 2.0 is by using the auto updater which is built into pfSense. To access the utility select the firmware option in the system menu.
You should see a message that states " A new version is now available". To start the update process click the auto upgrade button.
If you don't want to use the auto updater you can manually upgrade pfSense from the web gui as well. The manual update feature is useful if you want to upgrade to a specific version instead of the latest. The auto updater only allows you to upgrade to the latest release but using the manual method you can upgrade to the version you select.
To use the manual update method you will first need to download the full update file from one of the mirrors.
Make sure to download the update file for your architecture ie: amd64/i386 otherwise the update will fail.
The file I downloaded was pfSense-Full-Update-2.0-RELEASE-i386.tgz since my machine was running the 32 bit version.
To start the update process click on the manual update tab, then click enable firmware upload. Next click the choose file button and select the image file you downloaded from the mirror site.
Updating From the Console
The third method of updating pfSense is via the console or SSH. This method is my personal favorite.
To upgrade using the console select option #13 from the console menu. You will then be prompted to update from either a URL or a local file. If you select URL you can enter the URL of the update file, or if you type in "auto" the updater will download the latest version for you.
Once the update has been downloaded the system will automatically verify the MD5 hash of the download. If the file passes the hash check the upgrade will be applied to the system.
After the upgrade is completed you can re-install your packages and begin enjoying version 2.0! Many of the packages have been updated for pfSense 2.0 and some are completely new all together.
The developers are already working on pfSense version 2.1 which will include several new features, most notably support for IPV6.
© 2011 Sam Kear
More by this Author
The pfBlocker package adds the ability to add IP block lists to a pfSense router or firewall. The package combines the functionality of the popular IP Block List and Country Block packages. There are several free...
Heavy bandwidth users can slow down your entire network. This hub will show you how to use pfSense to set up traffic shaping to prioritize internet traffic.
By default the Squid Proxy has no visibility of encrypted HTTPS traffic. Enabling HTTPS interception will allow you to monitor and log encrypted web traffic passing through the Squid proxy server.
No comments yet.