Hi All,
I think this can be helpful for someone who plans to migrate P1 NXG from Solaris to P1 NGX on SPLAT. I wrote this procedure for my team we were able successfully to migrate all our CMAs. It's not the best one, but worked for us. 1) Install fresh copy of P1 NGX on the SPLAT server 2) Configure the SPALT server with any IP address and connect to the network. 3) Ensure that FTP server on the Solaris box is running and new P1 can access it. 4) From the SPLAT P1 execute migrate_assist <IP-address of the CMA> /opt/CPmds-R60/customers/<CMA name>/CPsuite-R60/fw1 <username> <password> /var/tmp/ /opt/CPmds-R60/customers/<CMA name>/CPshrd-R60 This command has to be executed for each one of the CMAs and creates directories with the CMA IP address in /var/tmp 5) Move all new created CMA directories from SPLAT P1 to an external workstation (if you reinstalling P1 from scratch) 6) Change the IP address of SPLAT MDS to match the IP address of the existing Solaris MDS. (Or install P1 from scratch and configure it with the IP address of the Old Solaris server.) You shouldn't be doing this on the same segment with the old P1 as this will result to duplicate IP addresses 7) Move all CMA directories from the workstation back to the new P1 SPLAT server (if you done it in step 6 and installed fresh copy of P1) 8) Launch the GUI and install the primary MDS license. Other way you will get an error of license incompatibility when you start importing different CMAs and your fwm process for the CMA will not start. 9) Create the first CMA with the same IP address as the old one. Do not start the CMA. 10) Select import CMA from the GUI and specify the directory path where the files for this CMA are. This will import the CMA including all the licenses. 11) Repeat steps 9-10 for each one of the CMAs 12) Put the new SPLAT box online. All firewalls should come up and you should be able to push policy to each one of them. Good luck.. Kiril Stefanov, MSc, CISSP,CISA, CCSE, CCNA [EMAIL PROTECTED] ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
