Thanks @Tal_Paz-Fridman : I will test this.

I also wanted to know how to migrate the distributed env mgmt server to the new mgmt server. Will migrate_server will solve the problem?

As noted in the SK, migrate_server is part of the flow 

Okay. One more question I have. migrate_server from standalone and distributed can be imported into new mgmt server?

migrate_server is the utility used for the export and import. It can be run from any machine that has a database. 

Just follow the instructions closely and it will work.

Hi @Tal_Paz-Fridman :

I tried replicating sk179444. It failed with error: Migration between full HA and non full HA machine is not supported. The standalone devices are in HA.

Any suggestions. How to resolve this?

Hi @Tal_Paz-Fridman : I tried following this article:
https://community.checkpoint.com/t5/Management/Moving-from-Full-HA-to-Distributed-on-R80-x/m-p/13068

I can only see the configuration2 file not the configuration file.

When I export export_standalone file. I get below content:

drwxr-xr-x 8 admin root 4.0K Jan 19 11:27 .
drwx------ 16 admin root 4.0K Jan 19 21:54 ..
drwxr-xr-x 3 admin root 164 Jan 19 11:27 31ab94da-4ab1-5da9-a03d-ddddddaaaaaa
drwxr-xr-x 3 admin root 164 Jan 19 11:27 41e821a0-3720-11e3-aa6e-0800200c9fde
drwxr-xr-x 3 admin root 164 Jan 19 11:27 8bf4ac51-2df7-40e1-9bce-bedbedbedbed
drwxr-xr-x 4 admin root 4.0K Jan 19 11:27 a0bbbc99-adef-4ef8-bb6d-cebcebcebceb
drwxr-xr-x 3 admin root 164 Jan 19 11:27 a0eebc99-afed-4ef8-bb6d-fedfedfedfed
-rw-r--r-- 1 admin root 57M Jan 19 11:27 a0eebc99-afed-4ef8-bb6d-fedfedfedfed.tgz
-rw-r--r-- 1 admin root 23K Jan 19 11:27 com.checkpoint.management.mgmt_blade.objects.DomainBase.data
-rw-r--r-- 1 admin root 7.3K Jan 19 11:27 com.checkpoint.management.upgrade.objects.UpgradeRuleData.data
-rw-rw---- 1 admin root 60M Jan 19 21:54 export_standalone
drwxr-xr-x 4 admin root 4.0K Jan 19 11:28 extra_data

This don't have configuration file.

If I extract a0eebc99-afed-4ef8-bb6d-fedfedfedfed.tgz
This has configuration2 file. After making the changes. I run below command 

tar -cvzPf export_standalone * and import the file. Import fails. I tried with .tgz extension as well.

Please suggest.

@_Val_ : Can you also please guide.

Thank You

The SK states clearly:

Limitations

These migration procedures do not support Full High Availability clusters (Full HA).

This might require contacting TAC or PS or use tools just to export and import the policy:

https://github.com/CheckPointSW/ExportObjects

https://github.com/CheckPointSW/ExportImportPolicyPackage

As Tal already mentioned, Full HA migration is not supported. Open a TAC ticket to see if they can help you. Otherwise, you will need to engage with Check Point PS or re-create policy manually or through APIs

Also, the article is for a much older SW version, the suggested case will not work for you anymore.

Hi @G_W_Albrecht I went though the solution but I am looking for different solution. Let me explain.

NEW MGMT SERVER - A
VSX CLUSTER - B

GATEWAY - C

OLD MGMT SERVER -D

We already built new firewalls as VSX cluster (B) and integrated with new mgmt server (A). Now we need move the polices from Old MGMT server (D) having different set of policies for gateway (C) to new mgmt server (A).
I run migrate_server export on old mgmt server (D) and imported on new mgmt server (A). Once import was done, it removed VSX cluster and policies related to it and made replica of old mgmt server (D). This way we are loosing the configuration already running on new mgmt server. How can we retain that and migrate polices from other mgmt server to new one. I tried export_import_Policy package but its throwing lot of errors.
I see only option is to do manual configuration of polices on new mgmt server.

No, see here: https://community.checkpoint.com/t5/API-CLI-Discussion/Python-tool-for-exporting-importing-a-policy-...

Hi @Tal_Paz-Fridman : I was testing in lab. I already have new mgmt server integrated with VSX gateway and another distributed setup having 1 gateway. I use migrate_server and exported the database from mgmt that manages 1 gateway and imported to new mgmt. It overwrites the existing database and all VSX gateway and configuration is lost.

I would definitely open TAC case to verify all this.

Andy

Expected behavior as migrate_server overwrites the existing management database.
To merge multiple managements, you’ll need the following: https://community.checkpoint.com/t5/API-CLI-Discussion/Python-tool-for-exporting-importing-a-policy-...