• All
  • Data Center
  • Enterprise
  • Home
  • Medium Enterprise
  • Small
  • SME
  • Default
  • Title
  • Date
  • Random
  • Read More

    NetGate SG-1000

    The Netgate® SG-1000, the world smallest pfsense firewall, this micro-Firewall is a cost-effective, state-of-the-art, pfSense® Security Gateway appliance, a ideal personal VPN firewall. The Netgate® SG-1000 comes with dual 1Gbps
    • Home
    • Small
  • Read More

    NetGate 1100

    Netgate 1100, a world-class best price-performance, elegant packaging, and an unbeatable low price with original pfSense. The Netgate 1100 is underpinned by the powerful, yet energy efficient, 64-bit Marvell ARMADA®
    • Home
    • Small
  • Read More

    NetGate 2100

    Netgate 2100, Big value, attractive appearance Pound-for-pound, the Netgate 2100 security gateway appliance with pfSense software delivers unbeatable performance and flexibility in its class. It is ideal for home, remote
    • SME
  • Read More

    NetGate 4200

    The Netgate® 4200, 4G DDR5 Ram, 16G storage. with pfSense Plus software is the most versatile security gateway in its class. The Netgate 4200 utilizes the blazing fast performance of
    • SME
  • Read More

    NetGate 4200 MAX

    The Netgate® 4200 max, 4G DDR5 Ram, 128G M.2 storage. with pfSense Plus software is the most versatile security gateway in its class. The Netgate 4200 utilizes the blazing fast
    • SME
  • Read More

    NetGate 6100

    The Netgate® 6100 is one of the most versatile security gateways in its class. It is ideal for home, remote workers, and small businesses who require flexible port configurations for
    • Medium Enterprise
    • SME
  • Read More

    NetGate 8200

    The Netgate® 8200 is one of the most versatile security gateways in its class. It is ideal for SME, Enterprise, IDC who require flexible port configurations for high-speed WAN and
    • Data Center
    • Enterprise
    • Medium Enterprise
  • Read More

    NetGate 8300

    1G, 2.5G, 10G, 25G, 100G WAN ... Netgate® 8300 experience unparalleled value and performance powered by pfSense® Plus software. The Netgate 8300 is tailored for medium to large business, xSP, MSP/MSSP
    • Data Center
    • Enterprise
  • Read More

    NetGate Firewall Appliances

    On Premises A highly-configurable, robust feature set to meet all of your security requirements in a physical Netgate firewall appliance.
load more / hold SHIFT key to load all load all

Upgrading pfSense on a High Availability Cluster

There is more to updating a cluster than the typical process, but in all updating a cluster is much less disruptive as the users will not have any downtime in most all cases.

If at any point in this procedure a failure condition is encountered, seek assistance from our support.

Review the Changelog and Upgrade Guide

Before starting any part of an upgrade, first look at the Blog and release logs for any notable changes or items to be aware of between the version currently in use and the one that will be in use after upgrading.

Common issues are also listed in the upgrade guide, especially for major version upgrades.

Backup

Before starting, take a fresh backup from Diagnostics > Backup/Restore on both nodes.

Warning

Do not skip this step! A backup is quick and easy to do, and invaluable to have if the upgrade does not go as expected!

Download installation media for the release currently in use if a reinstall is necessary.

Upgrade Secondary

Perform the OS upgrade on the secondary node first. This way, if the upgrade fails, there is no interruption and if a reinstall is needed, it can be done without worry.

Test Secondary

Once the secondary has booted back up, login and confirm that it is running as expected. If all services are active, the CARP status is OK, and so on then it is time to test. Force a failover from the primary node by placing it into maintenance mode (See Testing Failover) and observe what happens on the secondary. If the secondary takes over OK and traffic continues to flow, then it is OK to proceed.

Upgrade Primary

With the primary node in maintenance mode, it is safe to upgrade without additional interference. Initiate the OS upgrade and let the system reboot. Once it has rebooted, confirm that local services are running as expected and then take the node out of maintenance mode.

Test Again

With both units on the current OS and active, run some final tests to ensure that services are operational, traffic is flowing, and that the CARP, DHCP, and other status areas are all running properly.

SNMP Monitoring