This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cluster Node Replacement - Keeping License Valid

We are running a pair of SG310s in an active/passive failover cluster.

Both of these units have reached end of hardware support so we need to swap out both nodes.

In addition to this our licenses for features are also ending and we have a few days remaining on these.

We have an activation code for the new hardware and software for one new unit and a hardware activation code for the other.


What we are aiming to achieve is to swap out both hardware nodes without any (more than a usual failover) drop of service.

Current Setup

 ID Role  Device name  Status  Version  Licensing
 1  SLAVE  Node1  READY  9.503-4 Base License Only
 2  MASTER  Node2  ACTIVE  9.503-4 FullGuard License Associated

 

So I was thinking ...

Swap the unit ID1 out with the new unit that has the software subscription associated with the hardware.

Apply the new license to the system.

Swap the unit ID2 out with the other new unit that only has the base license applied.

 

In terms of version I was expecting to bring both active nodes up to the latest release (9.505-4) and update the two new units to the same version before starting anything.

 

Is it this simple, or am I missing something?

Thanks in advance ...



This thread was automatically locked due to age.
Parents
  • It is really simple if you replace the UTM with same Hardware type.
    Install current version to cluster and new devices. (use the 30day eval at the new devices)
    make a factory reset at the new devices.
    shutdown cluster slave-node.
    remove slave node (marked as "dead" now) from HA
    add first new device to the cluster. (simple by connecting the HA interface)
    wait until sync is ready
    remove second old system
    add second new device - wait until sysnc is ready

    This way "replacing a cluster node" keeps all files and configuration.
    License is included within configuration and keeps active if new devices are from same type.
    License is NOT bound to a specific device.

    If you wish to replace the License now, upgrade the old one or generate a new license and import the license-file.

    If new devices are from different device type ... please note this here


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • It is really simple if you replace the UTM with same Hardware type.
    Install current version to cluster and new devices. (use the 30day eval at the new devices)
    make a factory reset at the new devices.
    shutdown cluster slave-node.
    remove slave node (marked as "dead" now) from HA
    add first new device to the cluster. (simple by connecting the HA interface)
    wait until sync is ready
    remove second old system
    add second new device - wait until sysnc is ready

    This way "replacing a cluster node" keeps all files and configuration.
    License is included within configuration and keeps active if new devices are from same type.
    License is NOT bound to a specific device.

    If you wish to replace the License now, upgrade the old one or generate a new license and import the license-file.

    If new devices are from different device type ... please note this here


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
  • Thanks dirkkotte,

    I thought that was roughly what we needed to be doing, some of the language around the licensing is a bit confusing.

    We have been given activation codes, one for the new appliance without any additional licensing and one for the new appliance with the bundle we have purchased.