Feature #16387
Disaster recovery when WAN is configured with a static IP
Status: closed
Description
As confirmed in #14921, External Config Locator only triggers a package sync on first boot.
As documented in #16374, when there is no connectivity on WAN following an initial install, all package configurations are removed.
The following was done to restore a configuration to a different WAN using a distinct static IP and subnet:
1. Copy the target configuration to a Netgate Installer USB key and perform the initial install selecting this configuration (option 0, /config.xml).
   Enter the shell and issue a "poweroff".
   Remove all network cables and USB key. This install can be done from any network connection.
2. Reboot the firewall and assign the new static IP and Gateway to the WAN port you want to use on first boot.
   Enter the shell and issue a "poweroff". This is meant to be done offline.
3. On location, insert the USB key and network cable in the target WAN port connected to the target ISP subnet.
   Power on the firewall and boot from the Netgate Installer USB key.
   Select the recovered configuration file (option 1, typically /ada0.../config.xml) and reinstall pfSense (this file has the proper WAN configuration).
   At the end of the installation, enter the shell to issue a "poweroff" and remove the USB key.
4. Reboot the firewall. Packages are now being reloaded. If you want a confirmation, enter the shell and issue the command:
grep -r "rc.start_packages" /var/log
Typical results are:
/var/log/system.log:Aug 20 07:38:43 keepalive php-cgi[50948]: rc.start_packages: Restarting/Starting all packages.
/var/log/system.log:Aug 20 07:38:43 keepalive php-cgi[50948]: rc.start_packages: Stopping service lldpd
/var/log/system.log:Aug 20 07:38:43 keepalive php-cgi[50948]: rc.start_packages: Starting service lldpd
Please note that in my tests, I had to reload DHCP leases using the Restore Area "DHCP Server" of the Restore Backup GUI.
We need a better disaster recovery plan for configurations where DHCP is not available on WAN (which is the case of ALL my firewalls ;-).
Regards,
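
A scripted form of the confirmation in step 4, as an added example that is not part of the original report or of pfSense: it reads a log file and flags any service that rc.start_packages stopped but did not start again. The function names, the hostname "fw1" and the package "examplepkg" are assumptions constructed here; only the three message forms shown in the results above are matched.

```shell
#!/bin/sh
# Added example (not from the original report): summarise rc.start_packages
# activity in a log file and flag services that were stopped but not restarted.

check_package_reload() {
    # $1: log file to inspect, e.g. /var/log/system.log
    awk '
    {
        tag = "rc.start_packages: "
        i = index($0, tag)
        if (i == 0) next                       # not an rc.start_packages line
        msg = substr($0, i + length(tag))
    }
    index(msg, "Restarting/Starting all packages") == 1 { reload = 1; next }
    msg ~ /^(Stopping|Starting) service / {
        svc = msg
        sub(/^(Stopping|Starting) service /, "", svc)
        if (!(svc in state)) order[++n] = svc  # remember first-seen order
        state[svc] = (msg ~ /^Starting/) ? "started" : "stopped"
    }
    END {
        for (k = 1; k <= n; k++) {
            if (state[order[k]] == "started") { started++ }
            else { missing = missing (missing == "" ? "" : ",") order[k] }
        }
        printf "reload=%s started=%d missing=%s\n", (reload ? "yes" : "no"),
               started + 0, (missing == "" ? "-" : missing)
        # Success only if the reload ran and every stopped service came back.
        exit ((reload && missing == "") ? 0 : 1)
    }' "$1"
}

write_sample_log() {
    # Constructed sample lines (hostname "fw1" and package "examplepkg" are made up).
    cat > "$1" <<'EOF'
Aug 20 07:38:40 fw1 kernel: igb0: link state changed to UP
Aug 20 07:38:43 fw1 php-cgi[50948]: rc.start_packages: Restarting/Starting all packages.
Aug 20 07:38:43 fw1 php-cgi[50948]: rc.start_packages: Stopping service lldpd
Aug 20 07:38:43 fw1 php-cgi[50948]: rc.start_packages: Starting service lldpd
Aug 20 07:38:44 fw1 php-cgi[50948]: rc.start_packages: Stopping service examplepkg
Aug 20 07:38:45 fw1 php-cgi[50948]: rc.start_packages: Starting service examplepkg
EOF
}

sample=$(mktemp)
write_sample_log "$sample"
check_package_reload "$sample"
rm -f "$sample"
```

A non-zero exit status means either the "Restarting/Starting all packages" line was never logged or at least one service is listed under `missing`.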