There are different types of configuration files available in your device. In the following article, we explained the most common files types and how are these related to the two partitions that the Gateway devices have.
1. Types of configuration files
2. Configuration files by partition
3. How is the configuration affected when switching partitions
1. Types of configuration files
The following describes the standard configuration files:
- System-default.conf
-
If there is no startup-config.conf when you (re-)start the ZyWALL/USG/ATP, the device uses the system-default.conf configuration file with the factory default settings.
-
- Startup-config.conf
-
The startup-config.conf file is the configuration file that your device is currently using.
If there is a startup-config.conf, it is first checked for errors. If there are no errors, the device uses it and copies it to the lastgood.conf configuration file as a backup file.
-
If there is an error, the device generates a log and copies the startup-config.conf configuration to the startup-config-bad.conf configuration file and tries the existing lastgood.conf configuration file.
-
If there isn’t a lastgood.conf configuration file or it also has an error, the ZyWALL/USG/VPN applies the system-default.conf configuration file.
-
- %customerchoose%.conf:
- At any time, especially before doing major configuration changes, it is recommended to safe the current configuration. This can be done by copying the startup-config.conf and rename the copy to your preferred name.
- autobackup-*.conf
- before your device upgrades to a new firmware, the startup-config is copied to the autobackup-*.conf
2. Configuration files by partition
Our Gateway series devices (Zywall, USG, USG FLEX, ATP, VPN) count with two partitions on which different firmware version can be installed, having one partition as the Running and the other Partition as Standby:
Maintenance > File Manager > Firmware Management
"Running" status means the device has now boot up using that partition (partition #2 in the image above), and "Standby" (partition #1) means the other partition not being used at the moment.
As the partitions can have different firmware version, each partition has its own set of configuration files. While checking the "Configuration File" page you are actually seeing the configuration files of the running partition.
In order to see the configuration file of the standby partition, you can use the following guide:
How to download the config file from the "standby" partition?
Keeping in mind the different set of configuration per partition can be important at the time to reboot or upgrade the firmware of the device.
3. How is the configuration affected when switching partitions
Standby and Running partitions use a different set of configuration files as previously explained.
While you reboot or upgrade your Gateway device always using the running partition, you should not encounter issues in the configuration after the device boot up as the same configuration file is being used.
How to reboot a USG via web interface
However, rebooting or upgrading the Standby partition might result in your device using previous configuration.
When a new firmware is uploaded to the Standby partition, you will got a pop-up question asking if you want to reboot the device immediately or not. This action has an effect:
- Reboot immediately: this will convert the current "Startup-config.conf" from the "Running" partition configuration to the latest firmware structure and the configuration will be used after the device boots up. This is the recommended way to upgrade your standby partition.
- Do not reboot: This will only update the newest firmware to the Standby partition and NO configuration conversion is done automatically. A configuration file called "autobackup-*.conf" will be created in the standby partition which is actually current configuration from the Running partition, but this will not be used automatically.
Rebooting the device by selecting the Standby partition will make the Gateway to use the"Startup-config" that this partition already had before, which it might be an old configuration from previous firmware in which your admin password might have been different, resulting in the lost of access.
If the access is still possible and you already boot up using the standby partition, you can simply load the configuration from the autobackup-*.conf file that was generated right at the moment of the firmware upgrade.