Any specific reason?

I only need the object and policy. We don't need to restore the server data.

i am importing the configuration between standalone machine and management only machine . Thanks.. i will follow this SK

I think you should still be able to do a migrate export of the management piece, import into a new standalone management system, then do a clean install of the gateway.

You can easily test this without affecting your existing gateway (except for the cpstop required to take the migrate export).

Not clear with the answer. Let me reiterate the query:

I have R80.10 Standalone machine. Would like to migrate it to distributed setup(separate Mgmt server and GW).

Both sk61681 and sk85900 doesn't applicable to R80.xx

What do you suggest on this?

1. Download the files from here:

2. Run this cmd :    api start
   1. Make sue API status is running, run this cmd:

3. Create a directory

• mkdir APIpython
• scp all files to that directory
• Run the python script CMD:

4. To import, copy the file to the new server and follow the same process from the menu based & choose option #1

Tried this with a system that has VPN's configured. Seems the python script doesn't like Interoperable Devices and VPN communities as it failed to import;

Adding vpn-communities-star

Failed to import vpn-community-star with name [Corp_Carrollton_VPN]. Error: Invalid parameter for [shared-secrets]. Invalid value

Failed to import vpn-community-star with name [Corp_COLO_VPN]. Error: Invalid parameter for [shared-secrets]. Invalid value

👍

To describe what I said a little more verbosely:

1. Run a migrate export on your existing standalone gateway. This will create a copy of your management configuration.
2. Install your new management (only) server and use migrate import to import the configuration to your new management server.
3. Do a fresh install of your existing standalone system as Security Gateway only, which will include creating a new gateway object, establishing SIC, etc.

Refer to the Installation and Upgrade Guide R80.10 for more details.

Are you sure that you can export a standalone configuration and import it to a mgmt only just like that on R80.30??

And if that succeeds, what about the gw object after the import? We ll need to "revert" this object to mgmt only in order to  create a new gateway, is this possible??

Or should we just use the python method ??

Hello @PhoneBoy .   while I appreciate the interest in doing it ourselves, I assume that support has ways to purge an "all-in-one" migrate export file of SIC and local gateway refernce(s)?    I send them a "migrate export <>" from all-in-one export and they send back file without local gateway reference (and SIC reset)?

Because support has done numerous voodoo operations in past, I like this method instead of jumping through endless hoops that only burn time for everyone (customer, reseller, etc).

thoughts? 

If TAC had such a tool, it'd most likely be formally documented in an SK, even internally.
I haven't seen that. 

Hello -- I can confirm that SK154033 does work for Standalone migration to Distributed for R80.40.      However, there are various clean-up aspects that are missing and we have SR open on topics.

In addition, the source standalone server was a CP-badged appliance running R77.30 with JHA.    The R80.40-based standalone instance is temporary.

We used HyperV as virtual platform and took "snapshot/checkpoint" after initial GAIA install -- before wizard -- so we could clone into the other instances we needed (permanent and temporary).

Note:   HyperV is supported for R80.40 in production with specific JHA/HFA take installed.   See HCL for specifics (virtual machines tab).