 Moving SmartCenter
Here's some background:
I have a Nokia IP350 running NGX R61. All of the components are currently running on this machine. I have a second IP350. What we are trying to do is move the SmartCenter services to a central dedicated box, and have a single IP350 running as a gateway only.
I was able to use cp_merge to export the current policy, objects, and users into the new SmartCenter. When I imported the policy, a few pieces did not get imported. None of my VPN tunnel shared secrets imported. Also, neither did the global properties. So, I manually inserted the shared secrets.
When we attempted to switch over to the new IP350, about half of my site to site VPNs wouldn't route traffic. I saw a few IKE errors in the log, but for the most part, ping traffic was leaving the gateway via the tunnel, just not returning.
So, my question is this:
Is there a way or something I missed in importing shared secrets and the global properties? Is there a recommended approach for moving SmartCenter to a second machine?
TIA  |