Migration from SecurePlatform
to Gaia
|
|
Solution
This
solution describes a method for performing a migration from SecurePlatform to
Gaia.
For example, when you want to replicate machine A (running SecurePlatform) onto machine B (running Gaia).
For example, when you want to replicate machine A (running SecurePlatform) onto machine B (running Gaia).
Important: The process described in this
page handles operating system configuration only. Security Gateway
migration is a different process, which is not discussed in this page.
Steps
- Export the SecurePlatform configuration into a tarball.
- Copy the tarball into the Gaia machine and extract the files.
- Run the Gaia converter on the SecurePlatform configuration files, to generate a clish script.
- Load the clish script into Gaia.
Step 1 -
Export SecurePlatform configuration
You can
do it in two ways:
- The recommended way is copying the configuration files directly, because it does not involve a cpstop and can be run on a production machine. You can use the copyfiles script to copy the files to a tarball.
- Get the files is through backup of SecurePlatform. This involves stopping the firewall (cpstop).
Step 2 -
Copy the file into the Gaia machine
Copy the
files from Step 1 into the Gaia machine, and put them in a directory.
Step 3 -
Run the Gaia converter
Run the
converter utility in the same directory where you put the SecurePlatform
configuration files.
Example:
clish>
expert
Enter
expert password:
bash>
converter -o myconfig
The
resulting myconfig script contains clish commands that can be run in
Gaia to replicate the same OS configuration.
Step 4 -
Load the clish script
There are
two ways to do it:
- The recommended way is to
put the clish script in your home directory, and then run the following
four commands:
clish> set clienv on-failure continue
clish> load configuration myconfig
clish> set clienv on-failure stop
clish> save config
- Run the clish with a script
like this:
bash> clish -fi myconfig
bash> clish -c "save config"
Note: The following files are processed
by the Gaia converter.
Feature
|
File name
|
Interfaces
and routing
|
/etc/sysconfig/netconf.C
|
/etc/sysconfig/network
|
|
Known
hosts
|
/etc/hosts
|
/etc/hosts.allow
|
|
Passwords
|
/etc/shadow
|
User
accounts
|
/etc/passwd
|
Known
DNS servers
|
/etc/resolv.conf
|
/etc/sysconfig/external.if
|
|
DHCP
client
|
/etc/dhcpd.conf
|
DHCP
server
|
/etc/sysconfig/dhcpd
|
DHCP
relay
|
/etc/sysconfig/dhcrelay
|
Cron
jobs
|
/var/spool/cron/root
|
NTP
client
|
/etc/sysconfig/ntp
|
/opt/spwm/conf/cp_http_admin_server.conf
|
|
Known
RADIUS servers
|
/etc/raddb/server
|
RADIUS
groups
|
/etc/raddb/groups
|
/etc/sysconfig/ethtab
|
|
Syslog
|
/etc/sysconfig/syslog
|
Syslog
|
/etc/syslog.conf
|
ARP
dynamic cache size
|
/proc/sys/net/ipv4/neigh/default/gc_thresh3
|
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.