AnsweredAssumed Answered

Migrate Standalone to Distributed - Failed to Open File configuration2

Question asked by Stephen Henihan on Oct 18, 2018
Latest reply on Oct 19, 2018 by Günther W. Albrecht

My goal is to convert a standalone R77.30 4400 appliance into a gateway for a Distributed license Security Manager Hyper-V VM that'll do management, reporting, logs, etc. We only have the one 4400 in place at the moment so downtime is an issue.

 

As I understand it, I should migrate the standalone configuration to distributed first (using the same version of Checkpoint software), convert the 4400 to a gateway (wipe and reinstall it), upgrade the management server to R80 and finally upgrade/redeploy the gateway as R80. 

 

 

As a first step, I am trying to migrate the 4400 database to a temporary/interim VM running R77.30 Security Management (with a trial license, different hostname and different IP to the original 4400). The idea was to then upgrade the R77.30 VM to R80.2 and finally migrate the database to a clean R80.2 VM.

 

I used the upgrade_export command initially but then switched to R77.30.03 Migration Tools (when the help on upgrade_export reported I should). I export from the 4400 and then VI to remove references to Firewall/gateway role and then repack the export.

 

Whenever I try to import the package, the failure seems to indicate that "configuration2" file cannot be found.

 

The repackaged export file contains all the directories and files of the original but I have noticed (in WinSCP) that only the main_db directory and configuration file are exported to $FWDIR/tmp/migrate during the 'migrate import' phase. Then the migrate seems to quit, reporting a failure to locate 'configuration2'.

(This was the same error reported by the log for upgrade_import).

 

Looking at the log, I manually ran the gzip and gtar commands it used and all files exported fine. I believe that there is plenty of free space on all volumes. (I was going to try and get migrate to use a different path to extra the temporary files but I can't find how to do that.)

 

If the log just isn't telling me what's really happening, could you point me in the direction of how to find out what's really wrong with the process?

If I am approaching this the wrong way, could you please advise me what steps I should be taking (the hardest part I find is locating the appropriate versions of tools/OS/patches)?

 

Here is the end of the log file.

 

[18 Oct 12:27:57] [ReadFwsetFile] Going to read file '/opt/CPsuite-R77/fw1/tmp/migrate/configuration2'
[18 Oct 12:27:57] [ReadFwsetFile] ERR: Failed to open file: No such file or directory
[18 Oct 12:27:57] ..<-- ReadFwsetFile
[18 Oct 12:27:57] [MigrateConfig::ReadConfigFile] ERR: Failed to create config file
[18 Oct 12:27:57] .<-- MigrateConfig::ReadConfigFile
[18 Oct 12:27:57] [MigrateConfigInitializer::exec] ERR: Failed to read config file
[18 Oct 12:27:57] .--> NotifyUser
[18 Oct 12:27:57] ..--> IsRunningInteractively
[18 Oct 12:27:57] ...--> GetConfig
[18 Oct 12:27:57] ...<-- GetConfig
[18 Oct 12:27:57] [IsRunningInteractively] Running interactively
[18 Oct 12:27:57] ..<-- IsRunningInteractively
[18 Oct 12:27:57] [NotifyUser] Running interractively, presenting a message to the user
[18 Oct 12:27:57] [NotifyUser] A message to the user is:
------------------------------------------------------------------
Cannot get needed information from imported archive.
Archive doesn't contain exported Check Point database or
database export was performed with wrong migration tools.
Do database export with migration tools for version installed
on destination machine.
------------------------------------------------------------------
[18 Oct 12:27:57] .<-- NotifyUser
[18 Oct 12:27:57] <-- MigrateConfigInitializer::exec
[18 Oct 12:27:57] [ActivitiesManager::exec] ERR: Activity 'MigrateConfigInitializer' failed
[18 Oct 12:27:57] [ProgressUpdater::UpdateProgressToGaia] Progress Updated to '13.0435
[18 Oct 12:27:57] [ActivitiesManager::exec] WRN: Activities execution finished with errors
[18 Oct 12:27:57] [ActivitiesManager::exec] WRN: Activities 'MigrateConfigInitializer' have failed
[18 Oct 12:27:57] [ActivitiesManager::exec] Designated exit code is 1
[18 Oct 12:27:57] --> CleanupManager::Instance
[18 Oct 12:27:57] <-- CleanupManager::Instance
[18 Oct 12:27:57] --> CleanupManager::DoCleanup
[18 Oct 12:27:57] [CleanupManager::DoCleanup] Starting to perform cleanup
[18 Oct 12:27:57] .--> DirCleaner::exec
[18 Oct 12:27:57] [DirCleaner::exec] Going to remove directory '/opt/CPsuite-R77/fw1/tmp/migrate/'
[18 Oct 12:28:00] [DirCleaner::exec] WRN: Failed to remove the directory
[18 Oct 12:28:00] .<-- DirCleaner::exec
[18 Oct 12:28:00] [CleanupManager::DoCleanup] Completed the cleanup
[18 Oct 12:28:00] <-- CleanupManager::DoCleanup

 

[Expert@checktemp:0]# df -kh /opt/CPsuite-R77/fw1/tmp
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_log
117G 4.5G 106G 5% /var/log
[Expert@checktemp:0]# df -kh
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_splat-lv_current
31G 11G 19G 36% /
/dev/sda1 289M 24M 251M 9% /boot
tmpfs 3.9G 0 3.9G 0% /dev/shm
/dev/mapper/vg_splat-lv_log
117G 4.5G 106G 5% /var/log

 

Thanks.

 

Stephen

Outcomes