Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] RES: [FW-1] RES: [FW-1] Provider-1 CMA Migration

from Adam BE [Permanent Link]
Subject: Re: [FW-1] RES: [FW-1] RES: [FW-1] Provider-1 CMA Migration
From: Adam BE <adamb_e AT YAHOO DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Fri, 24 Mar 2006 15:39:04 -0800 
Hi all,

I think the following procedure is easier and would solve your problem:

Starting SMS of migrated CMA results in error "can't resolve DB schema key - 
SWSERVER_NATADDRESS"
=========================================
Try this procedure:
1. mdsenv <cma_name>; cd $FWDIR/conf/sofaware/
2. mv cpmi-schema.properties cpmi-schema.properties.orig
3. cp $MDS_TEMPLATE/conf/sofaware/cpmi-schema.properties .
4. install policy

Best Regards,
Adam.

Gustavo Vianna <gustavo.vianna AT COMSAT.COM DOT BR> wrote: Excellent! 
Everything worked fine in migration process and now P1 is able to
manage VPN-1 Edge appliances.

Thanks for all!!!

Gustavo.

-----Mensagem original-----
De: chkp tech [mailto:chkptech AT GMAIL DOT COM] 
Enviada em: quarta-feira, 15 de fevereiro de 2006 18:27
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Assunto: Re: [FW-1] RES: [FW-1] Provider-1 CMA Migration

Gustavo,

The problem is with the backwards compatibility folders upon import.  To get
around this you can use the manual process for migrating a CMA.  You might
try this procedure.

1) Export each CMA as follows:
2) Login to the MDS as root.
3) Create a directory somewhere which will hold each CMA's exported
configuration.
4) Under that directory, create a directory for each customer.
5) mdsenv 
6) cd $CPDIR
7) cp -R database /path/to/customer/database.cpdir
8) cd $FWDIR
9) cp -R conf /path/to/customer
10) cp -R database /path/to/customer
11) Create the customers and CMAs using the same names. Do not start any
CMAs.
12) CMA by CMA, right click, then choose "import customer management
add-on".
13) In the dialog that appears, type the appropriate path for that
customer's files. Do not enter any of the subdirectories, such as conf or
conf.cpdir, as this will cause the import to fail.
14) Apply appropriate licensing to the MDS and each CMA, and start all the
CMAs. Verify that the MDG shows the CMAs as started.
15) Apply any global policies needed.


Jason


On 2/15/06, cisco4ng  wrote:
>
> Gustavo,
>
> Can you do this:
>
> 1) Perform an mds_restore on the new provider-1,
> 2) upgrade it to NGx R60A,
> 3) I've been told by Checkpoint that with this method, you will be able to
> manage
> VPM-1 Edge device from Provider-1 NGx R60A
>
>
>
> Gustavo Vianna  wrote:
> You are right! Using mds_backup / mds_restore scripts I have already done
> in the same way that you described and worked fine. But there is a fact
that
> I forgot to mention. The current installation is based on a lot of
> updates... NG FP1, FP3 and now NG+AI R55. The problem is that with this
old
> installation I can�t manage VPN-1 Edge devices from Provider-1. There is
no
> support in current Provider-1 installation. So a fresh R55 installation
was
> the solution for this issue. I don�t know if there is another way to do
> that... suggestions?!




=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


                
---------------------------------
Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ 
countries) for 2¢/min or less.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: [FW-1] RES: [FW-1] RES: [FW-1] Provider-1 CMA Migration, Adam BE <=
Previous by Date:  Re: [FW-1] NGx Provider-1 deployment question, Adam BE
Next by Date:  [FW-1] Hot Fix level, Hal Huntley
Previous by Thread:  [FW-1] Need SP for FW-1 (4.1 sparc), Wilson Mohr
Next by Thread:  [FW-1] Hot Fix level, Hal Huntley
Indexes:  [Date] [Thread] [Top] [All Lists]