Quote:
Originally Posted by Devon_Custard  Indeed, I was proposing using the "newer" upgrade_export on the R62 server.
OK, update time. It didn't work. BUT.....I do get a different error now. Instead I get "Database conversion failed".
Will do some research. |
Here is a method I've used successfully in the past when a direct upgrade_export/upgrade_import would not work. Note that this technique brings over objects and policies ONLY, and does not include Global Properties, SIC/Certs, Users/User groups or SmartDefense/IPS settings (which might be a good thing in your case):
1) Take upgrade_export from R62 SmartCenter
2) Scratch-load a new temporary R70 SmartCenter in VmWare or on some old hardware (no need to patch it to R70.20)
3) upgrade_import the R62 config on your temporary SmartCenter
4) Perform a cp_merge export_policy for each policy package you want to take on the temporary SmartCenter
5) Take copies of $FWDIR/conf/objects_5_0.C and all exported policy files from the temporary SmartCenter
6) Load R70 on your new permanent SmartCenter and patch it to R70.20
7) Using objects_5_0.C from temporary SmartCenter, do a cp_merge merge_objects
8) Bring exported policy packages in from your temporary SmartCenter with a cp_merge import_policy
Examine all aspects of your Firewall-1 configuration carefully (especially Global Properties) as only objects and policies are brought over using this technique. cp_merge cannot migrate objects/policies between different versions of Firewall-1 like upgrade_import can, hence the need for a temporary intermediate SmartCenter.
edit: fixed spelling