Hi Everyone,
I would like to share my experience while upgrading checkpoint Connectra appliance to mobile access.
I hope providing this information could help everyone to have a clear vision on it.
Generally we can upgrade the Connectra with two ways,
1. Having them in cluster with the running various migration packages ( checkpoint recommended)
2. Other way is breaking the cluster and performing clean installation (Only I would suggest this if you are a pro)
Fine, I am not a pro so will go with checkpoint recommended style of upgrade. But it is too difficult for the beginners to understand the technical reference guide provided. so I would like to summarize it before I share my experience.
Steps to upgrade the Connectra (NGX R66) to higher version R71.X or R75.X
1. Run the “Gateway migration package” export the configurations.( which initially didn’t work and modification done on the backup file to make it run)
2. Take backup of certain files and then full backup from webui.
3. Then complete the installation of checkpoint with CD or thumb drive (using isomorphic tool)
4. Import the configuration of old connectra gateway using the restore file available in the same gateway migration package.
5. Then upgrade the management server connectra object to mobile access gateway object with help of “management migration tool”
6. Finally push the policy and complete the upgrade.
Sweet, So easy huh..
Yes, when you see this theoretical it is easy but when you want to deploy this then seriously we need to consider various factors.
It is completely new to checkpoint t so even TAC struggles to provide the correct ISO image.
Lots of hurdles when tried to boot from the USB drive.
This is really hard to complete without user impact so plan it well before you perform.
If you have any queries write to me .
No comments:
Post a Comment