Thread: Migration - New Hardware - Same license
View Single Post
  #5 (permalink)  
Old 2007-07-10
lammbo lammbo is offline
Senior Member
  
Join Date: 2006-02-09
Location: Charleston, SC
Posts: 278
Rep Power: 3
lammbo has an average reputation (10+)
Default Re: Migration - New Hardware - Same license
OK, you have possibilities then! Please understand I'm trying to keep this very generic, but you should get an idea of what is possible.

Do you have a separate SmartCenter? If so, that would be ideal. (I'll get back to this later)

Here are some options for you to consider:
CP Licenses, once in file format, can be attached and re-attached at any time as long as your version and IPs are unchanged. Make backups of all of your license files on your current system because you will be upgrading them and they will not work on the older version.

Now that you're safe on the current version you're running, you can start your upgrades on your new hardware.

Total System at once:
Get a backup of your current DB if you plan on upgrading.
Go to the CP usercenter and upgrade your licenses to NGX and download them all.
Follow all the documentation to install R62, configure/upgrade your new hardware in a standalone environment and apply the NGX versions of the licenses.
Your old systems will continue to work in production while you build all of your new stuff offline (in a lab?).



1 gateway at a time (if you have separate SmartCenter):

Build new SmartCenter (Upgrade DB method or from scratch)
Replace SmartCenter (same IP, etc.)
Reset/Re-establish SIC with older/existing gateways
Push policy to gateways
Keep new server or go back to old, based on success or failure

Build new gateways offline (Interfaces, routes, etc.)
Take the passive gateway in live cluster down and bring up the new box (NO SYNC CABLE - it won't work anyway)
In SmartCenter, change the version to the correct one (R62 you say) for the new gateways
Reset/Re-establish SIC on passive node
Push policy (it will only be pushed to the newer R62 gateway since you changed what version it is in SmartCenter)
Shutdown the old primary node and start your testing - Assuming you got it right, all of your site to site tunnels and all that should be OK. You always have the option to go back this way should a step fail.
If satisfied, bring up your new primary node, do SIC, push policy, attach SYNC cable and then reboot whichever box you put in first to test HA. Depending on your SPLAT cluster settings, it should fail to node 1 and not go back once node 2 is completed with reboot.

Repeat with other pair of gateways


If properly executed, you can have everything replaced with little to no downtime. I love HA! Clusters rule!
__________________
There's no place like 127.0.0.1
Reply With Quote