cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Migrate standalone 4800 cluster to separate management server

Jump to solution

hi Checkmates,

we have a customer running 4800 cluster (active /standby ) in standalone mode , now they have purchased separate management server .  we need to move the 4800 cluster standalone to distributed set up with minimum downtime.

Any suggestion, i have gone through some SK but not getting the proper steps to do it . if anyone can share the steps it will be very helpful.

thanks in advance

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
Danny
Pearl

Re: Migrate standalone 4800 cluster to separate management server

Jump to solution

Maintaining a 4800 Appliance Cluster in Standalone Mode is called Full HA Mode. Therefore just follow the steps described in sk44201 in order to migrate your Full HA environment to Distributed environment.

I've done that several times. Works like a charm. For minimum downtime just leave one of the two 4800 Appliances running until your Distributed migration is completed with the other one of the 4800 Appliances and switch cables. This way you also have a fallback if something doesn't work as expected.

Related: sk66740

Alternative

If the 4800 Cluster is just a plain firewall I'd personally just export the policy, firewall and nat rules, objects and services via Confwiz (Release Notes, Admin Guide, Linux version) and import it back into the freshly installed management server. Of course the cluster object and global properties would need to be configured again manually but that almost all to it.

Then I'd reinstall and configure one of the two 4800 Appliances, establish SIC to the new management, install the security and bring it back into production before reinstalling the other 4800.

0 Kudos
1 Reply
Danny
Pearl

Re: Migrate standalone 4800 cluster to separate management server

Jump to solution

Maintaining a 4800 Appliance Cluster in Standalone Mode is called Full HA Mode. Therefore just follow the steps described in sk44201 in order to migrate your Full HA environment to Distributed environment.

I've done that several times. Works like a charm. For minimum downtime just leave one of the two 4800 Appliances running until your Distributed migration is completed with the other one of the 4800 Appliances and switch cables. This way you also have a fallback if something doesn't work as expected.

Related: sk66740

Alternative

If the 4800 Cluster is just a plain firewall I'd personally just export the policy, firewall and nat rules, objects and services via Confwiz (Release Notes, Admin Guide, Linux version) and import it back into the freshly installed management server. Of course the cluster object and global properties would need to be configured again manually but that almost all to it.

Then I'd reinstall and configure one of the two 4800 Appliances, establish SIC to the new management, install the security and bring it back into production before reinstalling the other 4800.

0 Kudos