- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Migrate vpn tunnels
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Migrate vpn tunnels
Hi,
I am planning to migrate vpn tunnels from one cluster to a newer which both are connected to same SMS.
At cluster 1 there are about 10 VPN tunnels terminated to cluster ip 10.10.10.1.
I would like to migrate these tunnels from this cluster without having to notify and change anything at the interopable devices which are managed by third party.
So first, move ip from cluster1 to cluster2 and then install changes. Change communities so cluster2 is the new member.
What would be the steps here, do i need to add cluster1 ip as secondary ip to cluster2 ?
What about the othe vpn blade settings ?
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It doesn't change the fact that you cannot use more than one "virtual" IP per segment with ClusterXL.
Which means you have a decision to make: to reuse the old Cluster IP on the new cluster as the main IP or not.
Main IP is set in the relevant Cluster/Gateway object on the General tab.
If the answer is no, then you will need to do what I suggested before (change Link Selection to use 10.10.10.1, change routing on upstream router to point to new cluster).
If the answer is yes, then you will need to change the main IP on the old cluster to something else and push policy.
Then you can change the main IP on the new cluster to 10.10.10.1 and push policy.
Either approach will require an outage.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can't use 10.10.10.1 as a virtual IP on the other cluster as ClusterXL doesn't really allow you to do that.
What you can do is something like:
- Configure upstream router to send traffic destined for 10.10.10.1 to forward to Cluster 2 virtual IP
- Use Link Selection on the other cluster to set the source IP to be 10.10.10.1
Otherwise, I don't see how you can do this without notifying the remote end.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
The plan is also to decomission cluster1, so that ip will be available to use.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It doesn't change the fact that you cannot use more than one "virtual" IP per segment with ClusterXL.
Which means you have a decision to make: to reuse the old Cluster IP on the new cluster as the main IP or not.
Main IP is set in the relevant Cluster/Gateway object on the General tab.
If the answer is no, then you will need to do what I suggested before (change Link Selection to use 10.10.10.1, change routing on upstream router to point to new cluster).
If the answer is yes, then you will need to change the main IP on the old cluster to something else and push policy.
Then you can change the main IP on the new cluster to 10.10.10.1 and push policy.
Either approach will require an outage.